SUSE 5180 Published by

The following security updates have been released for SUSE Linux:

SUSE-SU-2024:1100-1: moderate: Security update for libvirt
SUSE-SU-2024:1103-1: important: Security update for qemu
SUSE-SU-2024:1101-1: moderate: Security update for xen
SUSE-SU-2024:1136-1: moderate: Security update for c-ares
SUSE-SU-2024:1139-1: moderate: Security update for ucode-intel
SUSE-SU-2024:1102-1: moderate: Security update for xen
SUSE-SU-2024:1133-1: moderate: Security update for ncurses
SUSE-SU-2024:1137-1: moderate: Security update for helm
SUSE-SU-2024:1143-1: important: Security update for buildah
SUSE-SU-2024:1144-1: important: Security update for buildah
SUSE-SU-2024:1145-1: important: Security update for buildah
SUSE-SU-2024:1146-1: important: Security update for podman
SUSE-SU-2024:1151-1: moderate: Security update for curl
SUSE-SU-2024:1152-1: moderate: Security update for xen
SUSE-SU-2024:1154-1: important: Security update for python-Pillow
SUSE-SU-2024:1162-1: important: Security update for python310
SUSE-SU-2024:1129-1: important: Security update for expat
SUSE-SU-2024:1122-1: important: Security update for go1.21
SUSE-SU-2024:1121-1: important: Security update for go1.22




SUSE-SU-2024:1100-1: moderate: Security update for libvirt


# Security update for libvirt

Announcement ID: SUSE-SU-2024:1100-1
Rating: moderate
References:

* bsc#1221749
* bsc#1221815

Cross-References:

* CVE-2024-2494

CVSS scores:

* CVE-2024-2494 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for libvirt fixes the following issues:

* CVE-2024-2494: Add a check for negative array lengths before allocation to
prevent potential DoS. (bsc#1221815)

The following non-security bug was fixed:

* Avoid memleak in virNodeDeviceGetPCIVPDDynamicCap() (bsc#1221749).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1100=1

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1100=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1100=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1100=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1100=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1100=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1100=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1100=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1100=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1100=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1100=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1100=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1100=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-1100=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1100=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libvirt-daemon-driver-lxc-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2
* libvirt-daemon-lxc-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2
* wireshark-plugin-libvirt-debuginfo-8.0.0-150400.7.11.2
* libvirt-nss-debuginfo-8.0.0-150400.7.11.2
* libvirt-client-8.0.0-150400.7.11.2
* libvirt-libs-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2
* libvirt-lock-sanlock-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2
* libvirt-lock-sanlock-8.0.0-150400.7.11.2
* libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2
* libvirt-libs-debuginfo-8.0.0-150400.7.11.2
* libvirt-nss-8.0.0-150400.7.11.2
* libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-gluster-8.0.0-150400.7.11.2
* wireshark-plugin-libvirt-8.0.0-150400.7.11.2
* libvirt-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-debugsource-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2
* libvirt-daemon-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-config-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-8.0.0-150400.7.11.2
* libvirt-client-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-gluster-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2
* libvirt-daemon-driver-lxc-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2
* libvirt-devel-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-hooks-8.0.0-150400.7.11.2
* openSUSE Leap 15.4 (x86_64)
* libvirt-client-32bit-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2
* libvirt-daemon-driver-libxl-debuginfo-8.0.0-150400.7.11.2
* libvirt-devel-32bit-8.0.0-150400.7.11.2
* libvirt-daemon-xen-8.0.0-150400.7.11.2
* openSUSE Leap 15.4 (noarch)
* libvirt-doc-8.0.0-150400.7.11.2
* openSUSE Leap 15.4 (aarch64 x86_64)
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2
* openSUSE Leap 15.4 (aarch64_ilp32)
* libvirt-client-64bit-debuginfo-8.0.0-150400.7.11.2
* libvirt-devel-64bit-8.0.0-150400.7.11.2
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2
* libvirt-client-8.0.0-150400.7.11.2
* libvirt-libs-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2
* libvirt-libs-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2
* libvirt-debugsource-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2
* libvirt-daemon-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-8.0.0-150400.7.11.2
* libvirt-client-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2
* libvirt-client-8.0.0-150400.7.11.2
* libvirt-libs-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2
* libvirt-libs-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-debugsource-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2
* libvirt-daemon-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-8.0.0-150400.7.11.2
* libvirt-client-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2
* openSUSE Leap Micro 5.4 (aarch64 x86_64)
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2
* libvirt-client-8.0.0-150400.7.11.2
* libvirt-libs-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2
* libvirt-libs-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-debugsource-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2
* libvirt-daemon-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-8.0.0-150400.7.11.2
* libvirt-client-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 x86_64)
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2
* libvirt-client-8.0.0-150400.7.11.2
* libvirt-libs-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2
* libvirt-libs-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-debugsource-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2
* libvirt-daemon-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-8.0.0-150400.7.11.2
* libvirt-client-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2
* SUSE Linux Enterprise Micro 5.3 (aarch64 x86_64)
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2
* libvirt-client-8.0.0-150400.7.11.2
* libvirt-libs-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2
* libvirt-libs-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-debugsource-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2
* libvirt-daemon-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-8.0.0-150400.7.11.2
* libvirt-client-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 x86_64)
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2
* libvirt-client-8.0.0-150400.7.11.2
* libvirt-libs-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2
* libvirt-libs-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-debugsource-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2
* libvirt-daemon-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-8.0.0-150400.7.11.2
* libvirt-client-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2
* SUSE Linux Enterprise Micro 5.4 (aarch64 x86_64)
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2
* libvirt-nss-debuginfo-8.0.0-150400.7.11.2
* libvirt-client-8.0.0-150400.7.11.2
* libvirt-libs-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2
* libvirt-lock-sanlock-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2
* libvirt-lock-sanlock-8.0.0-150400.7.11.2
* libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2
* libvirt-libs-debuginfo-8.0.0-150400.7.11.2
* libvirt-nss-8.0.0-150400.7.11.2
* libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2
* libvirt-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2
* libvirt-debugsource-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2
* libvirt-daemon-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-config-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-8.0.0-150400.7.11.2
* libvirt-client-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2
* libvirt-devel-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-hooks-8.0.0-150400.7.11.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (noarch)
* libvirt-doc-8.0.0-150400.7.11.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* libvirt-daemon-xen-8.0.0-150400.7.11.2
* libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2
* libvirt-daemon-driver-libxl-debuginfo-8.0.0-150400.7.11.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2
* libvirt-nss-debuginfo-8.0.0-150400.7.11.2
* libvirt-client-8.0.0-150400.7.11.2
* libvirt-libs-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2
* libvirt-lock-sanlock-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2
* libvirt-lock-sanlock-8.0.0-150400.7.11.2
* libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2
* libvirt-libs-debuginfo-8.0.0-150400.7.11.2
* libvirt-nss-8.0.0-150400.7.11.2
* libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2
* libvirt-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2
* libvirt-debugsource-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2
* libvirt-daemon-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-config-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-8.0.0-150400.7.11.2
* libvirt-client-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2
* libvirt-devel-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-hooks-8.0.0-150400.7.11.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (noarch)
* libvirt-doc-8.0.0-150400.7.11.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* libvirt-daemon-xen-8.0.0-150400.7.11.2
* libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2
* libvirt-daemon-driver-libxl-debuginfo-8.0.0-150400.7.11.2
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* libvirt-libs-debuginfo-8.0.0-150400.7.11.2
* libvirt-debugsource-8.0.0-150400.7.11.2
* libvirt-libs-8.0.0-150400.7.11.2
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2
* libvirt-nss-debuginfo-8.0.0-150400.7.11.2
* libvirt-client-8.0.0-150400.7.11.2
* libvirt-libs-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2
* libvirt-lock-sanlock-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2
* libvirt-lock-sanlock-8.0.0-150400.7.11.2
* libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2
* libvirt-libs-debuginfo-8.0.0-150400.7.11.2
* libvirt-nss-8.0.0-150400.7.11.2
* libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2
* libvirt-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-debugsource-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2
* libvirt-daemon-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-config-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-8.0.0-150400.7.11.2
* libvirt-client-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2
* libvirt-devel-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-hooks-8.0.0-150400.7.11.2
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64)
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (noarch)
* libvirt-doc-8.0.0-150400.7.11.2
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64)
* libvirt-daemon-xen-8.0.0-150400.7.11.2
* libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2
* libvirt-daemon-driver-libxl-debuginfo-8.0.0-150400.7.11.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2
* libvirt-nss-debuginfo-8.0.0-150400.7.11.2
* libvirt-client-8.0.0-150400.7.11.2
* libvirt-libs-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2
* libvirt-lock-sanlock-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2
* libvirt-lock-sanlock-8.0.0-150400.7.11.2
* libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2
* libvirt-libs-debuginfo-8.0.0-150400.7.11.2
* libvirt-nss-8.0.0-150400.7.11.2
* libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2
* libvirt-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-debugsource-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2
* libvirt-daemon-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-config-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-8.0.0-150400.7.11.2
* libvirt-client-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2
* libvirt-devel-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-hooks-8.0.0-150400.7.11.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (noarch)
* libvirt-doc-8.0.0-150400.7.11.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2
* libvirt-daemon-driver-libxl-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2
* libvirt-daemon-xen-8.0.0-150400.7.11.2
* SUSE Manager Proxy 4.3 (x86_64)
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-libxl-debuginfo-8.0.0-150400.7.11.2
* libvirt-nss-debuginfo-8.0.0-150400.7.11.2
* libvirt-client-8.0.0-150400.7.11.2
* libvirt-libs-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2
* libvirt-lock-sanlock-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2
* libvirt-lock-sanlock-8.0.0-150400.7.11.2
* libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2
* libvirt-libs-debuginfo-8.0.0-150400.7.11.2
* libvirt-nss-8.0.0-150400.7.11.2
* libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2
* libvirt-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2
* libvirt-debugsource-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2
* libvirt-daemon-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-config-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-8.0.0-150400.7.11.2
* libvirt-client-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-8.0.0-150400.7.11.2
* libvirt-daemon-xen-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2
* libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2
* libvirt-devel-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-hooks-8.0.0-150400.7.11.2
* SUSE Manager Proxy 4.3 (noarch)
* libvirt-doc-8.0.0-150400.7.11.2
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-libxl-debuginfo-8.0.0-150400.7.11.2
* libvirt-nss-debuginfo-8.0.0-150400.7.11.2
* libvirt-client-8.0.0-150400.7.11.2
* libvirt-libs-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2
* libvirt-lock-sanlock-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2
* libvirt-lock-sanlock-8.0.0-150400.7.11.2
* libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2
* libvirt-libs-debuginfo-8.0.0-150400.7.11.2
* libvirt-nss-8.0.0-150400.7.11.2
* libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2
* libvirt-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2
* libvirt-debugsource-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2
* libvirt-daemon-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-config-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-8.0.0-150400.7.11.2
* libvirt-client-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-8.0.0-150400.7.11.2
* libvirt-daemon-xen-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2
* libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2
* libvirt-devel-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-hooks-8.0.0-150400.7.11.2
* SUSE Manager Retail Branch Server 4.3 (noarch)
* libvirt-doc-8.0.0-150400.7.11.2
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* libvirt-daemon-driver-qemu-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-debuginfo-8.0.0-150400.7.11.2
* libvirt-nss-debuginfo-8.0.0-150400.7.11.2
* libvirt-client-8.0.0-150400.7.11.2
* libvirt-libs-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-debuginfo-8.0.0-150400.7.11.2
* libvirt-lock-sanlock-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-debuginfo-8.0.0-150400.7.11.2
* libvirt-lock-sanlock-8.0.0-150400.7.11.2
* libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2
* libvirt-libs-debuginfo-8.0.0-150400.7.11.2
* libvirt-nss-8.0.0-150400.7.11.2
* libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2
* libvirt-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-scsi-debuginfo-8.0.0-150400.7.11.2
* libvirt-debugsource-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nodedev-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2
* libvirt-daemon-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-config-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-8.0.0-150400.7.11.2
* libvirt-client-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-qemu-8.0.0-150400.7.11.2
* libvirt-daemon-driver-network-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2
* libvirt-daemon-driver-secret-8.0.0-150400.7.11.2
* libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2
* libvirt-daemon-driver-interface-debuginfo-8.0.0-150400.7.11.2
* libvirt-devel-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-disk-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-hooks-8.0.0-150400.7.11.2
* SUSE Manager Server 4.3 (noarch)
* libvirt-doc-8.0.0-150400.7.11.2
* SUSE Manager Server 4.3 (x86_64)
* libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2
* libvirt-daemon-driver-libxl-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-debuginfo-8.0.0-150400.7.11.2
* libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2
* libvirt-daemon-xen-8.0.0-150400.7.11.2

## References:

* https://www.suse.com/security/cve/CVE-2024-2494.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221749
* https://bugzilla.suse.com/show_bug.cgi?id=1221815



SUSE-SU-2024:1103-1: important: Security update for qemu


# Security update for qemu

Announcement ID: SUSE-SU-2024:1103-1
Rating: important
References:

* bsc#1205316
* bsc#1209554
* bsc#1218484
* bsc#1220062
* bsc#1220065
* bsc#1220134
* jsc#PED-7366
* jsc#PED-8113

Cross-References:

* CVE-2023-1544
* CVE-2023-6693
* CVE-2024-24474
* CVE-2024-26327
* CVE-2024-26328

CVSS scores:

* CVE-2023-1544 ( SUSE ): 7.9 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H
* CVE-2023-1544 ( NVD ): 6.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H
* CVE-2023-6693 ( SUSE ): 4.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
* CVE-2023-6693 ( NVD ): 5.3 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
* CVE-2024-24474 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
* CVE-2024-26327 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
* CVE-2024-26328 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.5
* Server Applications Module 15-SP5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Package Hub 15 15-SP5

An update that solves five vulnerabilities, contains two features and has one
security fix can now be installed.

## Description:

This update for qemu fixes the following issues:

* CVE-2024-26327: Fixed buffer overflow via invalid SR/IOV NumVFs value
(bsc#1220062).
* CVE-2024-24474: Fixed integer overflow results in buffer overflow via SCSI
command (bsc#1220134).
* CVE-2023-6693: Fixed stack buffer overflow in virtio_net_flush_tx()
(bsc#1218484).
* CVE-2023-1544: Fixed out-of-bounds read in pvrdma_ring_next_elem_read()
(bsc#1209554).
* CVE-2024-26328: Fixed invalid NumVFs value handled in NVME SR/IOV
implementation (bsc#1220065).

The following non-security bug was fixed:

* Removing in-use mediated device should fail with error message instead of
hang (bsc#1205316).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1103=1

* Server Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1103=1

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-1103=1 openSUSE-SLE-15.5-2024-1103=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1103=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1103=1

## Package List:

* SUSE Package Hub 15 15-SP5 (noarch)
* qemu-microvm-7.1.0-150500.49.12.1
* qemu-sgabios-8-150500.49.12.1
* qemu-SLOF-7.1.0-150500.49.12.1
* qemu-seabios-1.16.0_0_gd239552-150500.49.12.1
* qemu-vgabios-1.16.0_0_gd239552-150500.49.12.1
* qemu-skiboot-7.1.0-150500.49.12.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x x86_64)
* qemu-block-nfs-7.1.0-150500.49.12.1
* qemu-hw-usb-smartcard-debuginfo-7.1.0-150500.49.12.1
* qemu-accel-qtest-debuginfo-7.1.0-150500.49.12.1
* qemu-accel-qtest-7.1.0-150500.49.12.1
* qemu-ivshmem-tools-debuginfo-7.1.0-150500.49.12.1
* qemu-block-dmg-debuginfo-7.1.0-150500.49.12.1
* qemu-audio-oss-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-usb-smartcard-7.1.0-150500.49.12.1
* qemu-extra-debuginfo-7.1.0-150500.49.12.1
* qemu-block-dmg-7.1.0-150500.49.12.1
* qemu-vhost-user-gpu-7.1.0-150500.49.12.1
* qemu-audio-oss-7.1.0-150500.49.12.1
* qemu-audio-jack-debuginfo-7.1.0-150500.49.12.1
* qemu-vhost-user-gpu-debuginfo-7.1.0-150500.49.12.1
* qemu-extra-7.1.0-150500.49.12.1
* qemu-audio-jack-7.1.0-150500.49.12.1
* qemu-block-nfs-debuginfo-7.1.0-150500.49.12.1
* qemu-block-gluster-debuginfo-7.1.0-150500.49.12.1
* qemu-debuginfo-7.1.0-150500.49.12.1
* qemu-ivshmem-tools-7.1.0-150500.49.12.1
* qemu-block-gluster-7.1.0-150500.49.12.1
* qemu-debugsource-7.1.0-150500.49.12.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le s390x)
* qemu-x86-7.1.0-150500.49.12.1
* qemu-x86-debuginfo-7.1.0-150500.49.12.1
* qemu-accel-tcg-x86-7.1.0-150500.49.12.1
* qemu-audio-alsa-debuginfo-7.1.0-150500.49.12.1
* qemu-audio-pa-7.1.0-150500.49.12.1
* qemu-audio-pa-debuginfo-7.1.0-150500.49.12.1
* qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.12.1
* qemu-audio-alsa-7.1.0-150500.49.12.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le)
* qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-gpu-7.1.0-150500.49.12.1
* SUSE Package Hub 15 15-SP5 (aarch64 ppc64le x86_64)
* qemu-s390x-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.12.1
* qemu-s390x-7.1.0-150500.49.12.1
* qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.12.1
* SUSE Package Hub 15 15-SP5 (aarch64 s390x x86_64)
* qemu-ppc-debuginfo-7.1.0-150500.49.12.1
* qemu-ppc-7.1.0-150500.49.12.1
* SUSE Package Hub 15 15-SP5 (ppc64le s390x x86_64)
* qemu-arm-7.1.0-150500.49.12.1
* qemu-arm-debuginfo-7.1.0-150500.49.12.1
* SUSE Package Hub 15 15-SP5 (s390x)
* qemu-hw-usb-redirect-7.1.0-150500.49.12.1
* qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.12.1
* qemu-ui-opengl-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-vga-7.1.0-150500.49.12.1
* qemu-ui-spice-core-7.1.0-150500.49.12.1
* qemu-ui-spice-core-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.12.1
* qemu-ui-opengl-7.1.0-150500.49.12.1
* qemu-ui-gtk-7.1.0-150500.49.12.1
* qemu-ui-spice-app-debuginfo-7.1.0-150500.49.12.1
* qemu-audio-spice-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.12.1
* qemu-audio-spice-7.1.0-150500.49.12.1
* qemu-chardev-spice-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-display-qxl-7.1.0-150500.49.12.1
* qemu-ui-gtk-debuginfo-7.1.0-150500.49.12.1
* qemu-ui-spice-app-7.1.0-150500.49.12.1
* qemu-chardev-spice-7.1.0-150500.49.12.1
* Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* qemu-chardev-baum-debuginfo-7.1.0-150500.49.12.1
* qemu-block-iscsi-debuginfo-7.1.0-150500.49.12.1
* qemu-block-rbd-7.1.0-150500.49.12.1
* qemu-ui-curses-debuginfo-7.1.0-150500.49.12.1
* qemu-audio-dbus-7.1.0-150500.49.12.1
* qemu-lang-7.1.0-150500.49.12.1
* qemu-block-curl-debuginfo-7.1.0-150500.49.12.1
* qemu-guest-agent-7.1.0-150500.49.12.1
* qemu-block-iscsi-7.1.0-150500.49.12.1
* qemu-ksm-7.1.0-150500.49.12.1
* qemu-audio-dbus-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-usb-host-7.1.0-150500.49.12.1
* qemu-hw-usb-host-debuginfo-7.1.0-150500.49.12.1
* qemu-ui-dbus-debuginfo-7.1.0-150500.49.12.1
* qemu-block-curl-7.1.0-150500.49.12.1
* qemu-ui-curses-7.1.0-150500.49.12.1
* qemu-block-rbd-debuginfo-7.1.0-150500.49.12.1
* qemu-guest-agent-debuginfo-7.1.0-150500.49.12.1
* qemu-block-ssh-debuginfo-7.1.0-150500.49.12.1
* qemu-7.1.0-150500.49.12.1
* qemu-debuginfo-7.1.0-150500.49.12.1
* qemu-ui-dbus-7.1.0-150500.49.12.1
* qemu-chardev-baum-7.1.0-150500.49.12.1
* qemu-block-ssh-7.1.0-150500.49.12.1
* qemu-debugsource-7.1.0-150500.49.12.1
* Server Applications Module 15-SP5 (aarch64)
* qemu-arm-7.1.0-150500.49.12.1
* qemu-arm-debuginfo-7.1.0-150500.49.12.1
* Server Applications Module 15-SP5 (aarch64 ppc64le x86_64)
* qemu-hw-usb-redirect-7.1.0-150500.49.12.1
* qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.12.1
* qemu-ui-opengl-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-vga-7.1.0-150500.49.12.1
* qemu-ui-spice-core-7.1.0-150500.49.12.1
* qemu-ui-spice-core-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.12.1
* qemu-ui-opengl-7.1.0-150500.49.12.1
* qemu-ui-gtk-7.1.0-150500.49.12.1
* qemu-ui-spice-app-debuginfo-7.1.0-150500.49.12.1
* qemu-audio-spice-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.12.1
* qemu-audio-spice-7.1.0-150500.49.12.1
* qemu-chardev-spice-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-display-qxl-7.1.0-150500.49.12.1
* qemu-ui-gtk-debuginfo-7.1.0-150500.49.12.1
* qemu-ui-spice-app-7.1.0-150500.49.12.1
* qemu-chardev-spice-7.1.0-150500.49.12.1
* Server Applications Module 15-SP5 (noarch)
* qemu-sgabios-8-150500.49.12.1
* qemu-ipxe-1.0.0+-150500.49.12.1
* qemu-SLOF-7.1.0-150500.49.12.1
* qemu-seabios-1.16.0_0_gd239552-150500.49.12.1
* qemu-vgabios-1.16.0_0_gd239552-150500.49.12.1
* qemu-skiboot-7.1.0-150500.49.12.1
* Server Applications Module 15-SP5 (ppc64le)
* qemu-ppc-debuginfo-7.1.0-150500.49.12.1
* qemu-ppc-7.1.0-150500.49.12.1
* Server Applications Module 15-SP5 (s390x x86_64)
* qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.12.1
* qemu-kvm-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-gpu-7.1.0-150500.49.12.1
* Server Applications Module 15-SP5 (s390x)
* qemu-s390x-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.12.1
* qemu-s390x-7.1.0-150500.49.12.1
* qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.12.1
* Server Applications Module 15-SP5 (x86_64)
* qemu-x86-7.1.0-150500.49.12.1
* qemu-x86-debuginfo-7.1.0-150500.49.12.1
* qemu-accel-tcg-x86-7.1.0-150500.49.12.1
* qemu-audio-alsa-debuginfo-7.1.0-150500.49.12.1
* qemu-audio-pa-7.1.0-150500.49.12.1
* qemu-audio-pa-debuginfo-7.1.0-150500.49.12.1
* qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.12.1
* qemu-audio-alsa-7.1.0-150500.49.12.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* qemu-block-iscsi-debuginfo-7.1.0-150500.49.12.1
* qemu-ui-curses-debuginfo-7.1.0-150500.49.12.1
* qemu-audio-dbus-7.1.0-150500.49.12.1
* qemu-s390x-7.1.0-150500.49.12.1
* qemu-ui-opengl-7.1.0-150500.49.12.1
* qemu-accel-qtest-debuginfo-7.1.0-150500.49.12.1
* qemu-guest-agent-7.1.0-150500.49.12.1
* qemu-block-iscsi-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-gpu-pci-7.1.0-150500.49.12.1
* qemu-ksm-7.1.0-150500.49.12.1
* qemu-audio-dbus-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-usb-host-7.1.0-150500.49.12.1
* qemu-audio-alsa-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.12.1
* qemu-block-dmg-7.1.0-150500.49.12.1
* qemu-ui-curses-7.1.0-150500.49.12.1
* qemu-arm-7.1.0-150500.49.12.1
* qemu-audio-oss-7.1.0-150500.49.12.1
* qemu-audio-jack-debuginfo-7.1.0-150500.49.12.1
* qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.12.1
* qemu-audio-spice-7.1.0-150500.49.12.1
* qemu-block-nfs-debuginfo-7.1.0-150500.49.12.1
* qemu-block-ssh-7.1.0-150500.49.12.1
* qemu-debugsource-7.1.0-150500.49.12.1
* qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.12.1
* qemu-linux-user-7.1.0-150500.49.12.1
* qemu-hw-usb-smartcard-debuginfo-7.1.0-150500.49.12.1
* qemu-ui-gtk-7.1.0-150500.49.12.1
* qemu-hw-s390x-virtio-gpu-ccw-debuginfo-7.1.0-150500.49.12.1
* qemu-tools-7.1.0-150500.49.12.1
* qemu-audio-oss-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-usb-host-debuginfo-7.1.0-150500.49.12.1
* qemu-ui-dbus-debuginfo-7.1.0-150500.49.12.1
* qemu-ui-opengl-debuginfo-7.1.0-150500.49.12.1
* qemu-ui-spice-core-7.1.0-150500.49.12.1
* qemu-chardev-spice-7.1.0-150500.49.12.1
* qemu-ui-dbus-7.1.0-150500.49.12.1
* qemu-chardev-baum-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-gpu-pci-debuginfo-7.1.0-150500.49.12.1
* qemu-block-nfs-7.1.0-150500.49.12.1
* qemu-arm-debuginfo-7.1.0-150500.49.12.1
* qemu-linux-user-debuginfo-7.1.0-150500.49.12.1
* qemu-audio-spice-debuginfo-7.1.0-150500.49.12.1
* qemu-accel-qtest-7.1.0-150500.49.12.1
* qemu-ivshmem-tools-debuginfo-7.1.0-150500.49.12.1
* qemu-audio-alsa-7.1.0-150500.49.12.1
* qemu-ui-spice-app-7.1.0-150500.49.12.1
* qemu-x86-7.1.0-150500.49.12.1
* qemu-hw-usb-redirect-7.1.0-150500.49.12.1
* qemu-block-dmg-debuginfo-7.1.0-150500.49.12.1
* qemu-extra-debuginfo-7.1.0-150500.49.12.1
* qemu-audio-pa-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.12.1
* qemu-linux-user-debugsource-7.1.0-150500.49.12.1
* qemu-ui-spice-core-debuginfo-7.1.0-150500.49.12.1
* qemu-x86-debuginfo-7.1.0-150500.49.12.1
* qemu-accel-tcg-x86-7.1.0-150500.49.12.1
* qemu-chardev-spice-debuginfo-7.1.0-150500.49.12.1
* qemu-extra-7.1.0-150500.49.12.1
* qemu-guest-agent-debuginfo-7.1.0-150500.49.12.1
* qemu-block-gluster-debuginfo-7.1.0-150500.49.12.1
* qemu-chardev-baum-7.1.0-150500.49.12.1
* qemu-block-gluster-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-vga-7.1.0-150500.49.12.1
* qemu-lang-7.1.0-150500.49.12.1
* qemu-block-curl-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-usb-smartcard-7.1.0-150500.49.12.1
* qemu-headless-7.1.0-150500.49.12.1
* qemu-ppc-debuginfo-7.1.0-150500.49.12.1
* qemu-audio-pa-debuginfo-7.1.0-150500.49.12.1
* qemu-tools-debuginfo-7.1.0-150500.49.12.1
* qemu-ppc-7.1.0-150500.49.12.1
* qemu-block-curl-7.1.0-150500.49.12.1
* qemu-vhost-user-gpu-7.1.0-150500.49.12.1
* qemu-s390x-debuginfo-7.1.0-150500.49.12.1
* qemu-ui-spice-app-debuginfo-7.1.0-150500.49.12.1
* qemu-vhost-user-gpu-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-display-qxl-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-gpu-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-s390x-virtio-gpu-ccw-7.1.0-150500.49.12.1
* qemu-audio-jack-7.1.0-150500.49.12.1
* qemu-ui-gtk-debuginfo-7.1.0-150500.49.12.1
* qemu-block-ssh-debuginfo-7.1.0-150500.49.12.1
* qemu-7.1.0-150500.49.12.1
* qemu-debuginfo-7.1.0-150500.49.12.1
* qemu-ivshmem-tools-7.1.0-150500.49.12.1
* openSUSE Leap 15.5 (s390x x86_64 i586)
* qemu-kvm-7.1.0-150500.49.12.1
* openSUSE Leap 15.5 (noarch)
* qemu-microvm-7.1.0-150500.49.12.1
* qemu-ipxe-1.0.0+-150500.49.12.1
* qemu-sgabios-8-150500.49.12.1
* qemu-SLOF-7.1.0-150500.49.12.1
* qemu-seabios-1.16.0_0_gd239552-150500.49.12.1
* qemu-vgabios-1.16.0_0_gd239552-150500.49.12.1
* qemu-skiboot-7.1.0-150500.49.12.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* qemu-block-rbd-7.1.0-150500.49.12.1
* qemu-block-rbd-debuginfo-7.1.0-150500.49.12.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* qemu-hw-display-qxl-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-vga-7.1.0-150500.49.12.1
* qemu-ui-opengl-7.1.0-150500.49.12.1
* qemu-audio-spice-debuginfo-7.1.0-150500.49.12.1
* qemu-block-curl-debuginfo-7.1.0-150500.49.12.1
* qemu-guest-agent-7.1.0-150500.49.12.1
* qemu-tools-7.1.0-150500.49.12.1
* qemu-hw-usb-redirect-7.1.0-150500.49.12.1
* qemu-hw-usb-redirect-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-gpu-debuginfo-7.1.0-150500.49.12.1
* qemu-tools-debuginfo-7.1.0-150500.49.12.1
* qemu-ui-opengl-debuginfo-7.1.0-150500.49.12.1
* qemu-ui-spice-core-7.1.0-150500.49.12.1
* qemu-block-curl-7.1.0-150500.49.12.1
* qemu-ui-spice-core-debuginfo-7.1.0-150500.49.12.1
* qemu-audio-spice-7.1.0-150500.49.12.1
* qemu-chardev-spice-debuginfo-7.1.0-150500.49.12.1
* qemu-hw-display-qxl-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-gpu-7.1.0-150500.49.12.1
* qemu-hw-display-virtio-vga-debuginfo-7.1.0-150500.49.12.1
* qemu-guest-agent-debuginfo-7.1.0-150500.49.12.1
* qemu-chardev-spice-7.1.0-150500.49.12.1
* qemu-7.1.0-150500.49.12.1
* qemu-debuginfo-7.1.0-150500.49.12.1
* qemu-debugsource-7.1.0-150500.49.12.1
* SUSE Linux Enterprise Micro 5.5 (aarch64)
* qemu-arm-7.1.0-150500.49.12.1
* qemu-arm-debuginfo-7.1.0-150500.49.12.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* qemu-sgabios-8-150500.49.12.1
* qemu-ipxe-1.0.0+-150500.49.12.1
* qemu-vgabios-1.16.0_0_gd239552-150500.49.12.1
* qemu-seabios-1.16.0_0_gd239552-150500.49.12.1
* SUSE Linux Enterprise Micro 5.5 (s390x)
* qemu-s390x-debuginfo-7.1.0-150500.49.12.1
* qemu-s390x-7.1.0-150500.49.12.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
* qemu-x86-7.1.0-150500.49.12.1
* qemu-accel-tcg-x86-7.1.0-150500.49.12.1
* qemu-x86-debuginfo-7.1.0-150500.49.12.1
* qemu-accel-tcg-x86-debuginfo-7.1.0-150500.49.12.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* qemu-debuginfo-7.1.0-150500.49.12.1
* qemu-tools-debuginfo-7.1.0-150500.49.12.1
* qemu-debugsource-7.1.0-150500.49.12.1
* qemu-tools-7.1.0-150500.49.12.1

## References:

* https://www.suse.com/security/cve/CVE-2023-1544.html
* https://www.suse.com/security/cve/CVE-2023-6693.html
* https://www.suse.com/security/cve/CVE-2024-24474.html
* https://www.suse.com/security/cve/CVE-2024-26327.html
* https://www.suse.com/security/cve/CVE-2024-26328.html
* https://bugzilla.suse.com/show_bug.cgi?id=1205316
* https://bugzilla.suse.com/show_bug.cgi?id=1209554
* https://bugzilla.suse.com/show_bug.cgi?id=1218484
* https://bugzilla.suse.com/show_bug.cgi?id=1220062
* https://bugzilla.suse.com/show_bug.cgi?id=1220065
* https://bugzilla.suse.com/show_bug.cgi?id=1220134
* https://jira.suse.com/browse/PED-7366
* https://jira.suse.com/browse/PED-8113



SUSE-SU-2024:1101-1: moderate: Security update for xen


# Security update for xen

Announcement ID: SUSE-SU-2024:1101-1
Rating: moderate
References:

* bsc#1221332
* bsc#1221334

Cross-References:

* CVE-2023-28746
* CVE-2024-2193

CVSS scores:

* CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2024-2193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4

An update that solves two vulnerabilities can now be installed.

## Description:

This update for xen fixes the following issues:

* CVE-2023-28746: Register File Data Sampling (bsc#1221332)
* CVE-2024-2193: Fixed GhostRace, a speculative race conditions. (bsc#1221334)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1101=1

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1101=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1101=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1101=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1101=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1101=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1101=1

## Package List:

* openSUSE Leap 15.4 (aarch64 x86_64 i586)
* xen-libs-4.16.5_14-150400.4.52.1
* xen-tools-domU-4.16.5_14-150400.4.52.1
* xen-tools-domU-debuginfo-4.16.5_14-150400.4.52.1
* xen-libs-debuginfo-4.16.5_14-150400.4.52.1
* xen-debugsource-4.16.5_14-150400.4.52.1
* xen-devel-4.16.5_14-150400.4.52.1
* openSUSE Leap 15.4 (x86_64)
* xen-libs-32bit-4.16.5_14-150400.4.52.1
* xen-libs-32bit-debuginfo-4.16.5_14-150400.4.52.1
* openSUSE Leap 15.4 (aarch64 x86_64)
* xen-doc-html-4.16.5_14-150400.4.52.1
* xen-4.16.5_14-150400.4.52.1
* xen-tools-4.16.5_14-150400.4.52.1
* xen-tools-debuginfo-4.16.5_14-150400.4.52.1
* openSUSE Leap 15.4 (noarch)
* xen-tools-xendomains-wait-disk-4.16.5_14-150400.4.52.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* xen-libs-64bit-4.16.5_14-150400.4.52.1
* xen-libs-64bit-debuginfo-4.16.5_14-150400.4.52.1
* openSUSE Leap Micro 5.3 (x86_64)
* xen-libs-4.16.5_14-150400.4.52.1
* xen-debugsource-4.16.5_14-150400.4.52.1
* xen-libs-debuginfo-4.16.5_14-150400.4.52.1
* openSUSE Leap Micro 5.4 (x86_64)
* xen-libs-4.16.5_14-150400.4.52.1
* xen-debugsource-4.16.5_14-150400.4.52.1
* xen-libs-debuginfo-4.16.5_14-150400.4.52.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
* xen-libs-4.16.5_14-150400.4.52.1
* xen-debugsource-4.16.5_14-150400.4.52.1
* xen-libs-debuginfo-4.16.5_14-150400.4.52.1
* SUSE Linux Enterprise Micro 5.3 (x86_64)
* xen-libs-4.16.5_14-150400.4.52.1
* xen-debugsource-4.16.5_14-150400.4.52.1
* xen-libs-debuginfo-4.16.5_14-150400.4.52.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
* xen-libs-4.16.5_14-150400.4.52.1
* xen-debugsource-4.16.5_14-150400.4.52.1
* xen-libs-debuginfo-4.16.5_14-150400.4.52.1
* SUSE Linux Enterprise Micro 5.4 (x86_64)
* xen-libs-4.16.5_14-150400.4.52.1
* xen-debugsource-4.16.5_14-150400.4.52.1
* xen-libs-debuginfo-4.16.5_14-150400.4.52.1

## References:

* https://www.suse.com/security/cve/CVE-2023-28746.html
* https://www.suse.com/security/cve/CVE-2024-2193.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221332
* https://bugzilla.suse.com/show_bug.cgi?id=1221334



SUSE-SU-2024:1136-1: moderate: Security update for c-ares


# Security update for c-ares

Announcement ID: SUSE-SU-2024:1136-1
Rating: moderate
References:

* bsc#1220279

Cross-References:

* CVE-2024-25629

CVSS scores:

* CVE-2024-25629 ( SUSE ): 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for c-ares fixes the following issues:

* CVE-2024-25629: Fixed out of bounds read in ares__read_line() (bsc#1220279).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1136=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1136=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1136=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1136=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1136=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1136=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1136=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1136=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1136=1

* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1136=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1136=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1136=1

## Package List:

* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* c-ares-debugsource-1.19.1-150000.3.26.1
* libcares2-1.19.1-150000.3.26.1
* libcares2-debuginfo-1.19.1-150000.3.26.1
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* c-ares-debugsource-1.19.1-150000.3.26.1
* libcares2-1.19.1-150000.3.26.1
* libcares2-debuginfo-1.19.1-150000.3.26.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* c-ares-utils-debuginfo-1.19.1-150000.3.26.1
* c-ares-utils-1.19.1-150000.3.26.1
* c-ares-devel-1.19.1-150000.3.26.1
* libcares2-1.19.1-150000.3.26.1
* libcares2-debuginfo-1.19.1-150000.3.26.1
* c-ares-debugsource-1.19.1-150000.3.26.1
* openSUSE Leap 15.5 (x86_64)
* libcares2-32bit-1.19.1-150000.3.26.1
* libcares2-32bit-debuginfo-1.19.1-150000.3.26.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* c-ares-debugsource-1.19.1-150000.3.26.1
* libcares2-1.19.1-150000.3.26.1
* libcares2-debuginfo-1.19.1-150000.3.26.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* c-ares-debugsource-1.19.1-150000.3.26.1
* libcares2-1.19.1-150000.3.26.1
* libcares2-debuginfo-1.19.1-150000.3.26.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* c-ares-debugsource-1.19.1-150000.3.26.1
* libcares2-1.19.1-150000.3.26.1
* libcares2-debuginfo-1.19.1-150000.3.26.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* c-ares-debugsource-1.19.1-150000.3.26.1
* libcares2-1.19.1-150000.3.26.1
* libcares2-debuginfo-1.19.1-150000.3.26.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* c-ares-debugsource-1.19.1-150000.3.26.1
* libcares2-1.19.1-150000.3.26.1
* libcares2-debuginfo-1.19.1-150000.3.26.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* c-ares-devel-1.19.1-150000.3.26.1
* c-ares-debugsource-1.19.1-150000.3.26.1
* libcares2-1.19.1-150000.3.26.1
* libcares2-debuginfo-1.19.1-150000.3.26.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* c-ares-debugsource-1.19.1-150000.3.26.1
* libcares2-1.19.1-150000.3.26.1
* libcares2-debuginfo-1.19.1-150000.3.26.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* c-ares-debugsource-1.19.1-150000.3.26.1
* libcares2-1.19.1-150000.3.26.1
* libcares2-debuginfo-1.19.1-150000.3.26.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* c-ares-debugsource-1.19.1-150000.3.26.1
* libcares2-1.19.1-150000.3.26.1
* libcares2-debuginfo-1.19.1-150000.3.26.1

## References:

* https://www.suse.com/security/cve/CVE-2024-25629.html
* https://bugzilla.suse.com/show_bug.cgi?id=1220279



SUSE-SU-2024:1139-1: moderate: Security update for ucode-intel


# Security update for ucode-intel

Announcement ID: SUSE-SU-2024:1139-1
Rating: moderate
References:

* bsc#1221323

Cross-References:

* CVE-2023-22655
* CVE-2023-28746
* CVE-2023-38575
* CVE-2023-39368
* CVE-2023-43490

CVSS scores:

* CVE-2023-22655 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:H/A:N
* CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-38575 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
* CVE-2023-39368 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
* CVE-2023-43490 ( SUSE ): 5.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves five vulnerabilities can now be installed.

## Description:

This update for ucode-intel fixes the following issues:

* Updated to Intel CPU Microcode 20240312 release. (bsc#1221323)
* CVE-2023-39368: Protection mechanism failure of bus lock regulator for some
Intel Processors may allow an unauthenticated user to potentially enable
denial of service via network access
* CVE-2023-38575: Non-transparent sharing of return predictor targets between
contexts in some Intel Processors may allow an authorized user to
potentially enable information disclosure via local access.
* CVE-2023-28746: Information exposure through microarchitectural state after
transient execution from some register files for some Intel Atom Processors
may allow an authenticated user to potentially enable information disclosure
via local access.
* CVE-2023-22655 Protection mechanism failure in some 3rd and 4th Generation
Intel Xeon Processors when using Intel SGX or Intel TDX may allow a
privileged user to potentially enable escalation of privilege via local
access.
* CVE-2023-43490: Incorrect calculation in microcode keying mechanism for some
Intel Xeon D Processors with Intel:registered: SGX may allow a privileged user to
potentially enable information disclosure via local access.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1139=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1139=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1139=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1139=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1139=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1139=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1139=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1139=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1139=1

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1139=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1139=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1139=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1139=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1139=1

* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1139=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1139=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1139=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1139=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1139=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1139=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1139=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-1139=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1139=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-1139=1

* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1139=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1139=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1139=1

## Package List:

* openSUSE Leap Micro 5.3 (x86_64)
* ucode-intel-20240312-150200.38.1
* openSUSE Leap Micro 5.4 (x86_64)
* ucode-intel-20240312-150200.38.1
* openSUSE Leap 15.5 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise Micro 5.3 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise Micro 5.4 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
* ucode-intel-20240312-150200.38.1
* Basesystem Module 15-SP5 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Manager Proxy 4.3 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Manager Server 4.3 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Enterprise Storage 7.1 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise Micro 5.1 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise Micro 5.2 (x86_64)
* ucode-intel-20240312-150200.38.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64)
* ucode-intel-20240312-150200.38.1

## References:

* https://www.suse.com/security/cve/CVE-2023-22655.html
* https://www.suse.com/security/cve/CVE-2023-28746.html
* https://www.suse.com/security/cve/CVE-2023-38575.html
* https://www.suse.com/security/cve/CVE-2023-39368.html
* https://www.suse.com/security/cve/CVE-2023-43490.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221323



SUSE-SU-2024:1102-1: moderate: Security update for xen


# Security update for xen

Announcement ID: SUSE-SU-2024:1102-1
Rating: moderate
References:

* bsc#1027519
* bsc#1219885
* bsc#1221332
* bsc#1221334

Cross-References:

* CVE-2023-28746
* CVE-2023-46841
* CVE-2024-2193

CVSS scores:

* CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2023-46841 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
* CVE-2024-2193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.5
* Server Applications Module 15-SP5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves three vulnerabilities and has one security fix can now be
installed.

## Description:

This update for xen fixes the following issues:

* CVE-2023-28746: Register File Data Sampling (bsc#1221332)
* CVE-2024-2193: Fixed GhostRace, a speculative race conditions. (bsc#1221334)
* CVE-2023-46841: Hhadow stack vs exceptions from emulation stubs
(bsc#1219885)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1102=1 SUSE-2024-1102=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1102=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1102=1

* Server Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1102=1

## Package List:

* openSUSE Leap 15.5 (aarch64 x86_64 i586)
* xen-libs-4.17.3_08-150500.3.27.1
* xen-devel-4.17.3_08-150500.3.27.1
* xen-debugsource-4.17.3_08-150500.3.27.1
* xen-tools-domU-debuginfo-4.17.3_08-150500.3.27.1
* xen-tools-domU-4.17.3_08-150500.3.27.1
* xen-libs-debuginfo-4.17.3_08-150500.3.27.1
* openSUSE Leap 15.5 (x86_64)
* xen-libs-32bit-debuginfo-4.17.3_08-150500.3.27.1
* xen-libs-32bit-4.17.3_08-150500.3.27.1
* openSUSE Leap 15.5 (aarch64 x86_64)
* xen-tools-4.17.3_08-150500.3.27.1
* xen-4.17.3_08-150500.3.27.1
* xen-doc-html-4.17.3_08-150500.3.27.1
* xen-tools-debuginfo-4.17.3_08-150500.3.27.1
* openSUSE Leap 15.5 (noarch)
* xen-tools-xendomains-wait-disk-4.17.3_08-150500.3.27.1
* openSUSE Leap 15.5 (aarch64_ilp32)
* xen-libs-64bit-4.17.3_08-150500.3.27.1
* xen-libs-64bit-debuginfo-4.17.3_08-150500.3.27.1
* SUSE Linux Enterprise Micro 5.5 (x86_64)
* xen-debugsource-4.17.3_08-150500.3.27.1
* xen-libs-debuginfo-4.17.3_08-150500.3.27.1
* xen-libs-4.17.3_08-150500.3.27.1
* Basesystem Module 15-SP5 (x86_64)
* xen-libs-4.17.3_08-150500.3.27.1
* xen-debugsource-4.17.3_08-150500.3.27.1
* xen-tools-domU-debuginfo-4.17.3_08-150500.3.27.1
* xen-tools-domU-4.17.3_08-150500.3.27.1
* xen-libs-debuginfo-4.17.3_08-150500.3.27.1
* Server Applications Module 15-SP5 (x86_64)
* xen-devel-4.17.3_08-150500.3.27.1
* xen-4.17.3_08-150500.3.27.1
* xen-debugsource-4.17.3_08-150500.3.27.1
* xen-tools-4.17.3_08-150500.3.27.1
* xen-tools-debuginfo-4.17.3_08-150500.3.27.1
* Server Applications Module 15-SP5 (noarch)
* xen-tools-xendomains-wait-disk-4.17.3_08-150500.3.27.1

## References:

* https://www.suse.com/security/cve/CVE-2023-28746.html
* https://www.suse.com/security/cve/CVE-2023-46841.html
* https://www.suse.com/security/cve/CVE-2024-2193.html
* https://bugzilla.suse.com/show_bug.cgi?id=1027519
* https://bugzilla.suse.com/show_bug.cgi?id=1219885
* https://bugzilla.suse.com/show_bug.cgi?id=1221332
* https://bugzilla.suse.com/show_bug.cgi?id=1221334



SUSE-SU-2024:1133-1: moderate: Security update for ncurses


# Security update for ncurses

Announcement ID: SUSE-SU-2024:1133-1
Rating: moderate
References:

* bsc#1220061

Cross-References:

* CVE-2023-45918

CVSS scores:

* CVE-2023-45918 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

Affected Products:

* Basesystem Module 15-SP5
* Development Tools Module 15-SP5
* Legacy Module 15-SP5
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for ncurses fixes the following issues:

* CVE-2023-45918: Fixed NULL pointer dereference via corrupted xterm-256color
file (bsc#1220061).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1133=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1133=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1133=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1133=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1133=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1133=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1133=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1133=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1133=1

* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1133=1

* Legacy Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Legacy-15-SP5-2024-1133=1

* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1133=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1133=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1133=1

## Package List:

* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* terminfo-base-6.1-150000.5.24.1
* ncurses-debugsource-6.1-150000.5.24.1
* libncurses6-6.1-150000.5.24.1
* ncurses-utils-6.1-150000.5.24.1
* terminfo-6.1-150000.5.24.1
* libncurses6-debuginfo-6.1-150000.5.24.1
* ncurses-utils-debuginfo-6.1-150000.5.24.1
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* terminfo-base-6.1-150000.5.24.1
* ncurses-debugsource-6.1-150000.5.24.1
* libncurses6-6.1-150000.5.24.1
* ncurses-utils-6.1-150000.5.24.1
* terminfo-6.1-150000.5.24.1
* libncurses6-debuginfo-6.1-150000.5.24.1
* ncurses-utils-debuginfo-6.1-150000.5.24.1
* openSUSE Leap 15.5 (x86_64)
* ncurses-devel-32bit-debuginfo-6.1-150000.5.24.1
* libncurses5-32bit-debuginfo-6.1-150000.5.24.1
* ncurses5-devel-32bit-6.1-150000.5.24.1
* libncurses5-32bit-6.1-150000.5.24.1
* ncurses-devel-32bit-6.1-150000.5.24.1
* libncurses6-32bit-debuginfo-6.1-150000.5.24.1
* libncurses6-32bit-6.1-150000.5.24.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* ncurses-devel-6.1-150000.5.24.1
* ncurses5-devel-6.1-150000.5.24.1
* tack-debuginfo-6.1-150000.5.24.1
* terminfo-base-6.1-150000.5.24.1
* ncurses-debugsource-6.1-150000.5.24.1
* tack-6.1-150000.5.24.1
* libncurses6-6.1-150000.5.24.1
* libncurses5-6.1-150000.5.24.1
* ncurses-utils-6.1-150000.5.24.1
* libncurses5-debuginfo-6.1-150000.5.24.1
* ncurses-utils-debuginfo-6.1-150000.5.24.1
* ncurses-devel-debuginfo-6.1-150000.5.24.1
* terminfo-iterm-6.1-150000.5.24.1
* terminfo-screen-6.1-150000.5.24.1
* terminfo-6.1-150000.5.24.1
* libncurses6-debuginfo-6.1-150000.5.24.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* terminfo-base-6.1-150000.5.24.1
* ncurses-debugsource-6.1-150000.5.24.1
* libncurses6-6.1-150000.5.24.1
* ncurses-utils-6.1-150000.5.24.1
* terminfo-6.1-150000.5.24.1
* libncurses6-debuginfo-6.1-150000.5.24.1
* ncurses-utils-debuginfo-6.1-150000.5.24.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* terminfo-base-6.1-150000.5.24.1
* ncurses-debugsource-6.1-150000.5.24.1
* libncurses6-6.1-150000.5.24.1
* ncurses-utils-6.1-150000.5.24.1
* terminfo-6.1-150000.5.24.1
* libncurses6-debuginfo-6.1-150000.5.24.1
* ncurses-utils-debuginfo-6.1-150000.5.24.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* terminfo-base-6.1-150000.5.24.1
* ncurses-debugsource-6.1-150000.5.24.1
* libncurses6-6.1-150000.5.24.1
* ncurses-utils-6.1-150000.5.24.1
* terminfo-6.1-150000.5.24.1
* libncurses6-debuginfo-6.1-150000.5.24.1
* ncurses-utils-debuginfo-6.1-150000.5.24.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* terminfo-base-6.1-150000.5.24.1
* ncurses-debugsource-6.1-150000.5.24.1
* libncurses6-6.1-150000.5.24.1
* ncurses-utils-6.1-150000.5.24.1
* terminfo-6.1-150000.5.24.1
* libncurses6-debuginfo-6.1-150000.5.24.1
* ncurses-utils-debuginfo-6.1-150000.5.24.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* terminfo-base-6.1-150000.5.24.1
* ncurses-debugsource-6.1-150000.5.24.1
* libncurses6-6.1-150000.5.24.1
* ncurses-utils-6.1-150000.5.24.1
* terminfo-6.1-150000.5.24.1
* libncurses6-debuginfo-6.1-150000.5.24.1
* ncurses-utils-debuginfo-6.1-150000.5.24.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* ncurses-devel-6.1-150000.5.24.1
* terminfo-base-6.1-150000.5.24.1
* tack-debuginfo-6.1-150000.5.24.1
* ncurses-debugsource-6.1-150000.5.24.1
* tack-6.1-150000.5.24.1
* libncurses6-6.1-150000.5.24.1
* ncurses-utils-6.1-150000.5.24.1
* ncurses-utils-debuginfo-6.1-150000.5.24.1
* ncurses-devel-debuginfo-6.1-150000.5.24.1
* terminfo-iterm-6.1-150000.5.24.1
* terminfo-screen-6.1-150000.5.24.1
* terminfo-6.1-150000.5.24.1
* libncurses6-debuginfo-6.1-150000.5.24.1
* Basesystem Module 15-SP5 (x86_64)
* libncurses6-32bit-debuginfo-6.1-150000.5.24.1
* libncurses6-32bit-6.1-150000.5.24.1
* Development Tools Module 15-SP5 (x86_64)
* ncurses-devel-32bit-debuginfo-6.1-150000.5.24.1
* ncurses-devel-32bit-6.1-150000.5.24.1
* Legacy Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* ncurses-debugsource-6.1-150000.5.24.1
* libncurses5-debuginfo-6.1-150000.5.24.1
* ncurses5-devel-6.1-150000.5.24.1
* libncurses5-6.1-150000.5.24.1
* Legacy Module 15-SP5 (x86_64)
* libncurses5-32bit-debuginfo-6.1-150000.5.24.1
* libncurses5-32bit-6.1-150000.5.24.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* terminfo-base-6.1-150000.5.24.1
* ncurses-debugsource-6.1-150000.5.24.1
* libncurses6-6.1-150000.5.24.1
* ncurses-utils-6.1-150000.5.24.1
* terminfo-6.1-150000.5.24.1
* libncurses6-debuginfo-6.1-150000.5.24.1
* ncurses-utils-debuginfo-6.1-150000.5.24.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* terminfo-base-6.1-150000.5.24.1
* ncurses-debugsource-6.1-150000.5.24.1
* libncurses6-6.1-150000.5.24.1
* ncurses-utils-6.1-150000.5.24.1
* terminfo-6.1-150000.5.24.1
* libncurses6-debuginfo-6.1-150000.5.24.1
* ncurses-utils-debuginfo-6.1-150000.5.24.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* terminfo-base-6.1-150000.5.24.1
* ncurses-debugsource-6.1-150000.5.24.1
* libncurses6-6.1-150000.5.24.1
* ncurses-utils-6.1-150000.5.24.1
* terminfo-6.1-150000.5.24.1
* libncurses6-debuginfo-6.1-150000.5.24.1
* ncurses-utils-debuginfo-6.1-150000.5.24.1

## References:

* https://www.suse.com/security/cve/CVE-2023-45918.html
* https://bugzilla.suse.com/show_bug.cgi?id=1220061



SUSE-SU-2024:1137-1: moderate: Security update for helm


# Security update for helm

Announcement ID: SUSE-SU-2024:1137-1
Rating: moderate
References:

* bsc#1219969
* bsc#1220207

Cross-References:

* CVE-2024-25620
* CVE-2024-26147

CVSS scores:

* CVE-2024-25620 ( SUSE ): 6.4 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
* CVE-2024-26147 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Containers Module 15-SP5
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Package Hub 15 15-SP5

An update that solves two vulnerabilities can now be installed.

## Description:

This update for helm fixes the following issues:

* CVE-2024-25620: Fixed with dependency management path traversal
(bsc#1219969).
* CVE-2024-26147: Fixed uninitialized variable in yaml parsing (bsc#1220207).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1137=1

* Containers Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-1137=1

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1137=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* helm-3.13.3-150000.1.32.1
* helm-debuginfo-3.13.3-150000.1.32.1
* openSUSE Leap 15.5 (noarch)
* helm-zsh-completion-3.13.3-150000.1.32.1
* helm-bash-completion-3.13.3-150000.1.32.1
* helm-fish-completion-3.13.3-150000.1.32.1
* Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* helm-3.13.3-150000.1.32.1
* helm-debuginfo-3.13.3-150000.1.32.1
* Containers Module 15-SP5 (noarch)
* helm-zsh-completion-3.13.3-150000.1.32.1
* helm-bash-completion-3.13.3-150000.1.32.1
* SUSE Package Hub 15 15-SP5 (noarch)
* helm-fish-completion-3.13.3-150000.1.32.1

## References:

* https://www.suse.com/security/cve/CVE-2024-25620.html
* https://www.suse.com/security/cve/CVE-2024-26147.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219969
* https://bugzilla.suse.com/show_bug.cgi?id=1220207



SUSE-SU-2024:1143-1: important: Security update for buildah


# Security update for buildah

Announcement ID: SUSE-SU-2024:1143-1
Rating: important
References:

* bsc#1219563
* bsc#1220568
* bsc#1221677

Cross-References:

* CVE-2024-1753

CVSS scores:

* CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products:

* Containers Module 15-SP5
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability and has two security fixes can now be
installed.

## Description:

This update for buildah fixes the following issues:

* CVE-2024-1753: Fixed an issue to prevent a full container escape at build
time. (bsc#1221677)
* Update to version 1.34.1 for compatibility with Docker 25.0 (which is not in
SLES yet, but will eventually be) (bsc#1219563). See the corresponding
release notes:
* https://github.com/containers/buildah/releases/tag/v1.34.1
* https://github.com/containers/buildah/releases/tag/v1.34.0
* https://github.com/containers/buildah/releases/tag/v1.33.0
* https://github.com/containers/buildah/releases/tag/v1.32.0
* https://github.com/containers/buildah/releases/tag/v1.31.0
* https://github.com/containers/buildah/releases/tag/v1.30.0

* Require cni-plugins (bsc#1220568)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-1143=1 openSUSE-SLE-15.5-2024-1143=1

* Containers Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-1143=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* buildah-1.34.1-150500.3.7.1
* Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* buildah-1.34.1-150500.3.7.1

## References:

* https://www.suse.com/security/cve/CVE-2024-1753.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219563
* https://bugzilla.suse.com/show_bug.cgi?id=1220568
* https://bugzilla.suse.com/show_bug.cgi?id=1221677



SUSE-SU-2024:1144-1: important: Security update for buildah


# Security update for buildah

Announcement ID: SUSE-SU-2024:1144-1
Rating: important
References:

* bsc#1219563
* bsc#1220568
* bsc#1221677

Cross-References:

* CVE-2024-1753

CVSS scores:

* CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* Public Cloud Module 15-SP2
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP2
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.2
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP2
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP2
* SUSE Linux Enterprise Server for SAP Applications 15 SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.1
* SUSE Manager Retail Branch Server 4.1
* SUSE Manager Server 4.1

An update that solves one vulnerability and has two security fixes can now be
installed.

## Description:

This update for buildah fixes the following issues:

* CVE-2024-1753: Fixed an issue to prevent a full container escape at build
time. (bsc#1221677)
* Update to version 1.34.1 for compatibility with Docker 25.0 (which is not in
SLES yet, but will eventually be) (bsc#1219563). See the corresponding
release notes:
* https://github.com/containers/buildah/releases/tag/v1.34.1
* https://github.com/containers/buildah/releases/tag/v1.34.0
* https://github.com/containers/buildah/releases/tag/v1.33.0
* https://github.com/containers/buildah/releases/tag/v1.32.0
* https://github.com/containers/buildah/releases/tag/v1.31.0
* https://github.com/containers/buildah/releases/tag/v1.30.0

* Require cni-plugins (bsc#1220568)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1144=1

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1144=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1144=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1144=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1144=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1144=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1144=1

* Public Cloud Module 15-SP2
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP2-2024-1144=1

* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-1144=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1144=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1144=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1144=1

* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2
zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-1144=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1144=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1144=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP2
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2024-1144=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1144=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1144=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-1144=1

* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1144=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1144=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1144=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* buildah-1.34.1-150400.3.27.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* Public Cloud Module 15-SP2 (aarch64 ppc64le s390x x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64
x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* buildah-1.34.1-150400.3.27.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* buildah-1.34.1-150400.3.27.1
* SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x
x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* buildah-1.34.1-150400.3.27.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* buildah-1.34.1-150400.3.27.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64)
* cni-plugins-0.8.6-150100.3.22.3
* cni-0.7.1-150100.3.18.1

## References:

* https://www.suse.com/security/cve/CVE-2024-1753.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219563
* https://bugzilla.suse.com/show_bug.cgi?id=1220568
* https://bugzilla.suse.com/show_bug.cgi?id=1221677



SUSE-SU-2024:1145-1: important: Security update for buildah


# Security update for buildah

Announcement ID: SUSE-SU-2024:1145-1
Rating: important
References:

* bsc#1219563
* bsc#1220568
* bsc#1221677

Cross-References:

* CVE-2024-1753

CVSS scores:

* CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.3
* SUSE Enterprise Storage 7.1
* SUSE Linux Enterprise High Performance Computing 15 SP3
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
* SUSE Linux Enterprise Server 15 SP3
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
* SUSE Linux Enterprise Server for SAP Applications 15 SP3

An update that solves one vulnerability and has two security fixes can now be
installed.

## Description:

This update for buildah fixes the following issues:

* CVE-2024-1753: Fixed an issue to prevent a full container escape at build
time. (bsc#1221677)
* Update to version 1.34.1 for compatibility with Docker 25.0 (which is not in
SLES yet, but will eventually be) (bsc#1219563). See the corresponding
release notes:
* https://github.com/containers/buildah/releases/tag/v1.34.1
* https://github.com/containers/buildah/releases/tag/v1.34.0
* https://github.com/containers/buildah/releases/tag/v1.33.0
* https://github.com/containers/buildah/releases/tag/v1.32.0
* https://github.com/containers/buildah/releases/tag/v1.31.0
* https://github.com/containers/buildah/releases/tag/v1.30.0

* Require cni-plugins (bsc#1220568)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-1145=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3
zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-1145=1

* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3
zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-1145=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP3
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2024-1145=1

* SUSE Enterprise Storage 7.1
zypper in -t patch SUSE-Storage-7.1-2024-1145=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* buildah-1.34.1-150300.8.22.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64
x86_64)
* buildah-1.34.1-150300.8.22.1
* SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x
x86_64)
* buildah-1.34.1-150300.8.22.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64)
* buildah-1.34.1-150300.8.22.1
* SUSE Enterprise Storage 7.1 (aarch64 x86_64)
* buildah-1.34.1-150300.8.22.1

## References:

* https://www.suse.com/security/cve/CVE-2024-1753.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219563
* https://bugzilla.suse.com/show_bug.cgi?id=1220568
* https://bugzilla.suse.com/show_bug.cgi?id=1221677



SUSE-SU-2024:1146-1: important: Security update for podman


# Security update for podman

Announcement ID: SUSE-SU-2024:1146-1
Rating: important
References:

* bsc#1221677

Cross-References:

* CVE-2024-1753

CVSS scores:

* CVE-2024-1753 ( SUSE ): 8.6 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

Affected Products:

* Containers Module 15-SP5
* openSUSE Leap 15.5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability can now be installed.

## Description:

This update for podman fixes the following issues:

* CVE-2024-1753: Fixed an issue to prevent a full container escape at build
time. (bsc#1221677)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-1146=1 openSUSE-SLE-15.5-2024-1146=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1146=1

* Containers Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Containers-15-SP5-2024-1146=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* podman-remote-debuginfo-4.8.3-150500.3.9.1
* podman-remote-4.8.3-150500.3.9.1
* podman-4.8.3-150500.3.9.1
* podmansh-4.8.3-150500.3.9.1
* podman-debuginfo-4.8.3-150500.3.9.1
* openSUSE Leap 15.5 (noarch)
* podman-docker-4.8.3-150500.3.9.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* podman-remote-debuginfo-4.8.3-150500.3.9.1
* podman-remote-4.8.3-150500.3.9.1
* podman-4.8.3-150500.3.9.1
* podmansh-4.8.3-150500.3.9.1
* podman-debuginfo-4.8.3-150500.3.9.1
* SUSE Linux Enterprise Micro 5.5 (noarch)
* podman-docker-4.8.3-150500.3.9.1
* Containers Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* podman-remote-debuginfo-4.8.3-150500.3.9.1
* podman-remote-4.8.3-150500.3.9.1
* podman-4.8.3-150500.3.9.1
* podmansh-4.8.3-150500.3.9.1
* podman-debuginfo-4.8.3-150500.3.9.1
* Containers Module 15-SP5 (noarch)
* podman-docker-4.8.3-150500.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2024-1753.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221677



SUSE-SU-2024:1151-1: moderate: Security update for curl


# Security update for curl

Announcement ID: SUSE-SU-2024:1151-1
Rating: moderate
References:

* bsc#1221665
* bsc#1221667

Cross-References:

* CVE-2024-2004
* CVE-2024-2398

CVSS scores:

* CVE-2024-2004 ( SUSE ): 3.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N
* CVE-2024-2398 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves two vulnerabilities can now be installed.

## Description:

This update for curl fixes the following issues:

* CVE-2024-2004: Fix the uUsage of disabled protocol logic. (bsc#1221665)
* CVE-2024-2398: Fix HTTP/2 push headers memory-leak. (bsc#1221667)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1151=1

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1151=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1151=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1151=1

* SUSE Linux Enterprise High Performance Computing 15 SP4
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-1151=1

* SUSE Linux Enterprise Server 15 SP4
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-1151=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-1151=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-1151=1

* SUSE Linux Enterprise Desktop 15 SP4
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-1151=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-1151=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-INSTALLER-15-SP4-2024-1151=1

* SUSE Linux Enterprise High Performance Computing 15 SP5
zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-1151=1

* SUSE Linux Enterprise Server 15 SP5
zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-1151=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP5
zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-1151=1

* SUSE Linux Enterprise Desktop 15 SP5
zypper in -t patch SUSE-SLE-INSTALLER-15-SP5-2024-1151=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1151=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1151=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1151=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1151=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1151=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1151=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libcurl4-debuginfo-8.0.1-150400.5.44.1
* curl-8.0.1-150400.5.44.1
* libcurl4-8.0.1-150400.5.44.1
* libcurl-devel-8.0.1-150400.5.44.1
* curl-debugsource-8.0.1-150400.5.44.1
* curl-debuginfo-8.0.1-150400.5.44.1
* openSUSE Leap 15.4 (x86_64)
* libcurl-devel-32bit-8.0.1-150400.5.44.1
* libcurl4-32bit-8.0.1-150400.5.44.1
* libcurl4-32bit-debuginfo-8.0.1-150400.5.44.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libcurl-devel-64bit-8.0.1-150400.5.44.1
* libcurl4-64bit-8.0.1-150400.5.44.1
* libcurl4-64bit-debuginfo-8.0.1-150400.5.44.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* libcurl4-debuginfo-8.0.1-150400.5.44.1
* curl-8.0.1-150400.5.44.1
* libcurl4-8.0.1-150400.5.44.1
* curl-debugsource-8.0.1-150400.5.44.1
* curl-debuginfo-8.0.1-150400.5.44.1
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* libcurl4-debuginfo-8.0.1-150400.5.44.1
* curl-8.0.1-150400.5.44.1
* libcurl4-8.0.1-150400.5.44.1
* curl-debugsource-8.0.1-150400.5.44.1
* curl-debuginfo-8.0.1-150400.5.44.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* libcurl4-debuginfo-8.0.1-150400.5.44.1
* curl-8.0.1-150400.5.44.1
* libcurl4-8.0.1-150400.5.44.1
* libcurl-devel-8.0.1-150400.5.44.1
* curl-debugsource-8.0.1-150400.5.44.1
* curl-debuginfo-8.0.1-150400.5.44.1
* openSUSE Leap 15.5 (x86_64)
* libcurl-devel-32bit-8.0.1-150400.5.44.1
* libcurl4-32bit-8.0.1-150400.5.44.1
* libcurl4-32bit-debuginfo-8.0.1-150400.5.44.1
* SUSE Linux Enterprise High Performance Computing 15 SP4 (aarch64 x86_64)
* libcurl4-8.0.1-150400.5.44.1
* SUSE Linux Enterprise Server 15 SP4 (aarch64 ppc64le s390x x86_64)
* libcurl4-8.0.1-150400.5.44.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* libcurl4-8.0.1-150400.5.44.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libcurl4-8.0.1-150400.5.44.1
* SUSE Linux Enterprise Desktop 15 SP4 (x86_64)
* libcurl4-8.0.1-150400.5.44.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* libcurl4-8.0.1-150400.5.44.1
* SUSE Manager Proxy 4.3 (x86_64)
* libcurl4-8.0.1-150400.5.44.1
* SUSE Linux Enterprise High Performance Computing 15 SP5 (aarch64 x86_64)
* libcurl4-8.0.1-150400.5.44.1
* SUSE Linux Enterprise Server 15 SP5 (aarch64 ppc64le s390x x86_64)
* libcurl4-8.0.1-150400.5.44.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP5 (ppc64le x86_64)
* libcurl4-8.0.1-150400.5.44.1
* SUSE Linux Enterprise Desktop 15 SP5 (x86_64)
* libcurl4-8.0.1-150400.5.44.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libcurl4-debuginfo-8.0.1-150400.5.44.1
* curl-8.0.1-150400.5.44.1
* libcurl4-8.0.1-150400.5.44.1
* curl-debugsource-8.0.1-150400.5.44.1
* curl-debuginfo-8.0.1-150400.5.44.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libcurl4-debuginfo-8.0.1-150400.5.44.1
* curl-8.0.1-150400.5.44.1
* libcurl4-8.0.1-150400.5.44.1
* curl-debugsource-8.0.1-150400.5.44.1
* curl-debuginfo-8.0.1-150400.5.44.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libcurl4-debuginfo-8.0.1-150400.5.44.1
* curl-8.0.1-150400.5.44.1
* libcurl4-8.0.1-150400.5.44.1
* curl-debugsource-8.0.1-150400.5.44.1
* curl-debuginfo-8.0.1-150400.5.44.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libcurl4-debuginfo-8.0.1-150400.5.44.1
* curl-8.0.1-150400.5.44.1
* libcurl4-8.0.1-150400.5.44.1
* curl-debugsource-8.0.1-150400.5.44.1
* curl-debuginfo-8.0.1-150400.5.44.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* libcurl4-debuginfo-8.0.1-150400.5.44.1
* curl-8.0.1-150400.5.44.1
* libcurl4-8.0.1-150400.5.44.1
* curl-debugsource-8.0.1-150400.5.44.1
* curl-debuginfo-8.0.1-150400.5.44.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libcurl4-debuginfo-8.0.1-150400.5.44.1
* curl-8.0.1-150400.5.44.1
* libcurl4-8.0.1-150400.5.44.1
* libcurl-devel-8.0.1-150400.5.44.1
* curl-debugsource-8.0.1-150400.5.44.1
* curl-debuginfo-8.0.1-150400.5.44.1
* Basesystem Module 15-SP5 (x86_64)
* libcurl4-32bit-8.0.1-150400.5.44.1
* libcurl4-32bit-debuginfo-8.0.1-150400.5.44.1

## References:

* https://www.suse.com/security/cve/CVE-2024-2004.html
* https://www.suse.com/security/cve/CVE-2024-2398.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221665
* https://bugzilla.suse.com/show_bug.cgi?id=1221667



SUSE-SU-2024:1152-1: moderate: Security update for xen


# Security update for xen

Announcement ID: SUSE-SU-2024:1152-1
Rating: moderate
References:

* bsc#1221332
* bsc#1221334

Cross-References:

* CVE-2023-28746
* CVE-2024-2193

CVSS scores:

* CVE-2023-28746 ( SUSE ): 6.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
* CVE-2024-2193 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Products:

* openSUSE Leap 15.3
* SUSE Linux Enterprise Micro 5.1
* SUSE Linux Enterprise Micro 5.2
* SUSE Linux Enterprise Micro for Rancher 5.2

An update that solves two vulnerabilities can now be installed.

## Description:

This update for xen fixes the following issues:

* CVE-2023-28746: Register File Data Sampling (bsc#1221332)
* CVE-2024-2193: Fixed GhostRace, a speculative race conditions. (bsc#1221334)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro 5.1
zypper in -t patch SUSE-SUSE-MicroOS-5.1-2024-1152=1

* SUSE Linux Enterprise Micro 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1152=1

* SUSE Linux Enterprise Micro for Rancher 5.2
zypper in -t patch SUSE-SUSE-MicroOS-5.2-2024-1152=1

* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-1152=1

## Package List:

* SUSE Linux Enterprise Micro 5.1 (x86_64)
* xen-debugsource-4.14.6_12-150300.3.69.1
* xen-libs-debuginfo-4.14.6_12-150300.3.69.1
* xen-libs-4.14.6_12-150300.3.69.1
* SUSE Linux Enterprise Micro 5.2 (x86_64)
* xen-debugsource-4.14.6_12-150300.3.69.1
* xen-libs-debuginfo-4.14.6_12-150300.3.69.1
* xen-libs-4.14.6_12-150300.3.69.1
* SUSE Linux Enterprise Micro for Rancher 5.2 (x86_64)
* xen-debugsource-4.14.6_12-150300.3.69.1
* xen-libs-debuginfo-4.14.6_12-150300.3.69.1
* xen-libs-4.14.6_12-150300.3.69.1
* openSUSE Leap 15.3 (aarch64 x86_64 i586)
* xen-debugsource-4.14.6_12-150300.3.69.1
* xen-devel-4.14.6_12-150300.3.69.1
* xen-tools-domU-debuginfo-4.14.6_12-150300.3.69.1
* xen-libs-debuginfo-4.14.6_12-150300.3.69.1
* xen-libs-4.14.6_12-150300.3.69.1
* xen-tools-domU-4.14.6_12-150300.3.69.1
* openSUSE Leap 15.3 (x86_64)
* xen-libs-32bit-debuginfo-4.14.6_12-150300.3.69.1
* xen-libs-32bit-4.14.6_12-150300.3.69.1
* openSUSE Leap 15.3 (aarch64 x86_64)
* xen-tools-4.14.6_12-150300.3.69.1
* xen-4.14.6_12-150300.3.69.1
* xen-tools-debuginfo-4.14.6_12-150300.3.69.1
* xen-doc-html-4.14.6_12-150300.3.69.1
* openSUSE Leap 15.3 (noarch)
* xen-tools-xendomains-wait-disk-4.14.6_12-150300.3.69.1
* openSUSE Leap 15.3 (aarch64_ilp32)
* xen-libs-64bit-4.14.6_12-150300.3.69.1
* xen-libs-64bit-debuginfo-4.14.6_12-150300.3.69.1

## References:

* https://www.suse.com/security/cve/CVE-2023-28746.html
* https://www.suse.com/security/cve/CVE-2024-2193.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221332
* https://bugzilla.suse.com/show_bug.cgi?id=1221334



SUSE-SU-2024:1154-1: important: Security update for python-Pillow


# Security update for python-Pillow

Announcement ID: SUSE-SU-2024:1154-1
Rating: important
References:

* bsc#1222262

Cross-References:

* CVE-2024-28219

CVSS scores:

* CVE-2024-28219 ( SUSE ): 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

Affected Products:

* openSUSE Leap 15.3
* openSUSE Leap 15.5

An update that solves one vulnerability can now be installed.

## Description:

This update for python-Pillow fixes the following issues:

* CVE-2024-28219: Fixed buffer overflow in _imagingcms.c (bsc#1222262)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.3
zypper in -t patch SUSE-2024-1154=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1154=1

## Package List:

* openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64 i586)
* python-Pillow-debuginfo-7.2.0-150300.3.9.1
* python-Pillow-debugsource-7.2.0-150300.3.9.1
* python3-Pillow-7.2.0-150300.3.9.1
* python3-Pillow-tk-7.2.0-150300.3.9.1
* python3-Pillow-debuginfo-7.2.0-150300.3.9.1
* python3-Pillow-tk-debuginfo-7.2.0-150300.3.9.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python-Pillow-debuginfo-7.2.0-150300.3.9.1
* python-Pillow-debugsource-7.2.0-150300.3.9.1
* python3-Pillow-7.2.0-150300.3.9.1
* python3-Pillow-tk-7.2.0-150300.3.9.1
* python3-Pillow-debuginfo-7.2.0-150300.3.9.1
* python3-Pillow-tk-debuginfo-7.2.0-150300.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2024-28219.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222262



SUSE-SU-2024:1162-1: important: Security update for python310


# Security update for python310

Announcement ID: SUSE-SU-2024:1162-1
Rating: important
References:

* bsc#1189495
* bsc#1211301
* bsc#1219559
* bsc#1219666
* bsc#1221854

Cross-References:

* CVE-2023-52425
* CVE-2023-6597
* CVE-2024-0450

CVSS scores:

* CVE-2023-52425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52425 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-6597 ( SUSE ): 8.4 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-0450 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4

An update that solves three vulnerabilities and has two security fixes can now
be installed.

## Description:

This update for python310 fixes the following issues:

* CVE-2024-0450: Fixed "quoted-overlap" in zipfile module is python310
(bsc#1221854)
* CVE-2023-52425: Fixed denial of service caused by processing large tokens in
expat module in python310 (bsc#1219559)
* CVE-2023-6597: Fixed tempfile.TemporaryDirectory fails on removing dir in
some edge cases related to symlinks in python310 (bsc#1219666)

Other changes:

* Revert %autopatch due to missing parameter support (bsc#1189495)

* Extended crypto-policies support (bsc#1211301)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1162=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1162=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1162=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1162=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1162=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1162=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1162=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python310-devel-3.10.14-150400.4.45.1
* python310-debugsource-3.10.14-150400.4.45.1
* python310-dbm-3.10.14-150400.4.45.1
* python310-tools-3.10.14-150400.4.45.1
* libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1
* python310-idle-3.10.14-150400.4.45.1
* python310-tk-3.10.14-150400.4.45.1
* python310-tk-debuginfo-3.10.14-150400.4.45.1
* python310-curses-debuginfo-3.10.14-150400.4.45.1
* python310-debuginfo-3.10.14-150400.4.45.1
* python310-curses-3.10.14-150400.4.45.1
* python310-doc-devhelp-3.10.14-150400.4.45.1
* python310-base-debuginfo-3.10.14-150400.4.45.1
* python310-testsuite-debuginfo-3.10.14-150400.4.45.1
* python310-dbm-debuginfo-3.10.14-150400.4.45.1
* libpython3_10-1_0-3.10.14-150400.4.45.1
* python310-testsuite-3.10.14-150400.4.45.1
* python310-doc-3.10.14-150400.4.45.1
* python310-3.10.14-150400.4.45.1
* python310-core-debugsource-3.10.14-150400.4.45.1
* python310-base-3.10.14-150400.4.45.1
* openSUSE Leap 15.4 (x86_64)
* python310-32bit-debuginfo-3.10.14-150400.4.45.1
* libpython3_10-1_0-32bit-debuginfo-3.10.14-150400.4.45.1
* libpython3_10-1_0-32bit-3.10.14-150400.4.45.1
* python310-32bit-3.10.14-150400.4.45.1
* python310-base-32bit-3.10.14-150400.4.45.1
* python310-base-32bit-debuginfo-3.10.14-150400.4.45.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* python310-base-64bit-3.10.14-150400.4.45.1
* python310-base-64bit-debuginfo-3.10.14-150400.4.45.1
* python310-64bit-debuginfo-3.10.14-150400.4.45.1
* libpython3_10-1_0-64bit-debuginfo-3.10.14-150400.4.45.1
* python310-64bit-3.10.14-150400.4.45.1
* libpython3_10-1_0-64bit-3.10.14-150400.4.45.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python310-devel-3.10.14-150400.4.45.1
* python310-debugsource-3.10.14-150400.4.45.1
* python310-dbm-3.10.14-150400.4.45.1
* python310-tools-3.10.14-150400.4.45.1
* libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1
* python310-idle-3.10.14-150400.4.45.1
* python310-tk-3.10.14-150400.4.45.1
* python310-tk-debuginfo-3.10.14-150400.4.45.1
* python310-curses-debuginfo-3.10.14-150400.4.45.1
* python310-debuginfo-3.10.14-150400.4.45.1
* python310-curses-3.10.14-150400.4.45.1
* python310-doc-devhelp-3.10.14-150400.4.45.1
* python310-base-debuginfo-3.10.14-150400.4.45.1
* python310-testsuite-debuginfo-3.10.14-150400.4.45.1
* libpython3_10-1_0-3.10.14-150400.4.45.1
* python310-dbm-debuginfo-3.10.14-150400.4.45.1
* python310-doc-3.10.14-150400.4.45.1
* python310-testsuite-3.10.14-150400.4.45.1
* python310-3.10.14-150400.4.45.1
* python310-core-debugsource-3.10.14-150400.4.45.1
* python310-base-3.10.14-150400.4.45.1
* openSUSE Leap 15.5 (x86_64)
* python310-32bit-debuginfo-3.10.14-150400.4.45.1
* libpython3_10-1_0-32bit-debuginfo-3.10.14-150400.4.45.1
* libpython3_10-1_0-32bit-3.10.14-150400.4.45.1
* python310-32bit-3.10.14-150400.4.45.1
* python310-base-32bit-3.10.14-150400.4.45.1
* python310-base-32bit-debuginfo-3.10.14-150400.4.45.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* python310-devel-3.10.14-150400.4.45.1
* libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1
* python310-debugsource-3.10.14-150400.4.45.1
* libpython3_10-1_0-3.10.14-150400.4.45.1
* python310-curses-3.10.14-150400.4.45.1
* python310-dbm-debuginfo-3.10.14-150400.4.45.1
* python310-idle-3.10.14-150400.4.45.1
* python310-3.10.14-150400.4.45.1
* python310-core-debugsource-3.10.14-150400.4.45.1
* python310-dbm-3.10.14-150400.4.45.1
* python310-tools-3.10.14-150400.4.45.1
* python310-base-3.10.14-150400.4.45.1
* python310-tk-3.10.14-150400.4.45.1
* python310-tk-debuginfo-3.10.14-150400.4.45.1
* python310-curses-debuginfo-3.10.14-150400.4.45.1
* python310-debuginfo-3.10.14-150400.4.45.1
* python310-base-debuginfo-3.10.14-150400.4.45.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* python310-devel-3.10.14-150400.4.45.1
* libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1
* python310-debugsource-3.10.14-150400.4.45.1
* libpython3_10-1_0-3.10.14-150400.4.45.1
* python310-curses-3.10.14-150400.4.45.1
* python310-dbm-debuginfo-3.10.14-150400.4.45.1
* python310-idle-3.10.14-150400.4.45.1
* python310-3.10.14-150400.4.45.1
* python310-core-debugsource-3.10.14-150400.4.45.1
* python310-dbm-3.10.14-150400.4.45.1
* python310-tools-3.10.14-150400.4.45.1
* python310-base-3.10.14-150400.4.45.1
* python310-tk-3.10.14-150400.4.45.1
* python310-tk-debuginfo-3.10.14-150400.4.45.1
* python310-curses-debuginfo-3.10.14-150400.4.45.1
* python310-debuginfo-3.10.14-150400.4.45.1
* python310-base-debuginfo-3.10.14-150400.4.45.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* python310-devel-3.10.14-150400.4.45.1
* libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1
* python310-debugsource-3.10.14-150400.4.45.1
* libpython3_10-1_0-3.10.14-150400.4.45.1
* python310-curses-3.10.14-150400.4.45.1
* python310-dbm-debuginfo-3.10.14-150400.4.45.1
* python310-idle-3.10.14-150400.4.45.1
* python310-3.10.14-150400.4.45.1
* python310-core-debugsource-3.10.14-150400.4.45.1
* python310-dbm-3.10.14-150400.4.45.1
* python310-tools-3.10.14-150400.4.45.1
* python310-base-3.10.14-150400.4.45.1
* python310-tk-3.10.14-150400.4.45.1
* python310-tk-debuginfo-3.10.14-150400.4.45.1
* python310-curses-debuginfo-3.10.14-150400.4.45.1
* python310-debuginfo-3.10.14-150400.4.45.1
* python310-base-debuginfo-3.10.14-150400.4.45.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* python310-devel-3.10.14-150400.4.45.1
* libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1
* python310-debugsource-3.10.14-150400.4.45.1
* libpython3_10-1_0-3.10.14-150400.4.45.1
* python310-curses-3.10.14-150400.4.45.1
* python310-dbm-debuginfo-3.10.14-150400.4.45.1
* python310-idle-3.10.14-150400.4.45.1
* python310-3.10.14-150400.4.45.1
* python310-core-debugsource-3.10.14-150400.4.45.1
* python310-dbm-3.10.14-150400.4.45.1
* python310-tools-3.10.14-150400.4.45.1
* python310-base-3.10.14-150400.4.45.1
* python310-tk-3.10.14-150400.4.45.1
* python310-tk-debuginfo-3.10.14-150400.4.45.1
* python310-curses-debuginfo-3.10.14-150400.4.45.1
* python310-debuginfo-3.10.14-150400.4.45.1
* python310-base-debuginfo-3.10.14-150400.4.45.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* python310-devel-3.10.14-150400.4.45.1
* libpython3_10-1_0-debuginfo-3.10.14-150400.4.45.1
* python310-debugsource-3.10.14-150400.4.45.1
* libpython3_10-1_0-3.10.14-150400.4.45.1
* python310-curses-3.10.14-150400.4.45.1
* python310-dbm-debuginfo-3.10.14-150400.4.45.1
* python310-idle-3.10.14-150400.4.45.1
* python310-3.10.14-150400.4.45.1
* python310-core-debugsource-3.10.14-150400.4.45.1
* python310-dbm-3.10.14-150400.4.45.1
* python310-tools-3.10.14-150400.4.45.1
* python310-base-3.10.14-150400.4.45.1
* python310-tk-3.10.14-150400.4.45.1
* python310-tk-debuginfo-3.10.14-150400.4.45.1
* python310-curses-debuginfo-3.10.14-150400.4.45.1
* python310-debuginfo-3.10.14-150400.4.45.1
* python310-base-debuginfo-3.10.14-150400.4.45.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52425.html
* https://www.suse.com/security/cve/CVE-2023-6597.html
* https://www.suse.com/security/cve/CVE-2024-0450.html
* https://bugzilla.suse.com/show_bug.cgi?id=1189495
* https://bugzilla.suse.com/show_bug.cgi?id=1211301
* https://bugzilla.suse.com/show_bug.cgi?id=1219559
* https://bugzilla.suse.com/show_bug.cgi?id=1219666
* https://bugzilla.suse.com/show_bug.cgi?id=1221854



SUSE-SU-2024:1129-1: important: Security update for expat


# Security update for expat

Announcement ID: SUSE-SU-2024:1129-1
Rating: important
References:

* bsc#1219559
* bsc#1221289

Cross-References:

* CVE-2023-52425
* CVE-2024-28757

CVSS scores:

* CVE-2023-52425 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
* CVE-2023-52425 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-28757 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP5
* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves two vulnerabilities can now be installed.

## Description:

This update for expat fixes the following issues:

* CVE-2023-52425: Fixed a DoS caused by processing large tokens. (bsc#1219559)
* CVE-2024-28757: Fixed an XML Entity Expansion. (bsc#1221289)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1129=1

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1129=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1129=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1129=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1129=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1129=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1129=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1129=1

* SUSE Linux Enterprise Micro 5.5
zypper in -t patch SUSE-SLE-Micro-5.5-2024-1129=1

* Basesystem Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-1129=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1129=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1129=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1129=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1129=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1129=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1129=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-
Server-4.3-2024-1129=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1129=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libexpat1-2.4.4-150400.3.17.1
* expat-2.4.4-150400.3.17.1
* libexpat1-debuginfo-2.4.4-150400.3.17.1
* expat-debugsource-2.4.4-150400.3.17.1
* expat-debuginfo-2.4.4-150400.3.17.1
* libexpat-devel-2.4.4-150400.3.17.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libexpat1-64bit-debuginfo-2.4.4-150400.3.17.1
* libexpat-devel-64bit-2.4.4-150400.3.17.1
* libexpat1-64bit-2.4.4-150400.3.17.1
* expat-64bit-debuginfo-2.4.4-150400.3.17.1
* openSUSE Leap 15.4 (x86_64)
* libexpat1-32bit-2.4.4-150400.3.17.1
* expat-32bit-debuginfo-2.4.4-150400.3.17.1
* libexpat-devel-32bit-2.4.4-150400.3.17.1
* libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* expat-debuginfo-2.4.4-150400.3.17.1
* libexpat1-debuginfo-2.4.4-150400.3.17.1
* expat-debugsource-2.4.4-150400.3.17.1
* libexpat1-2.4.4-150400.3.17.1
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* expat-debuginfo-2.4.4-150400.3.17.1
* libexpat1-debuginfo-2.4.4-150400.3.17.1
* expat-debugsource-2.4.4-150400.3.17.1
* libexpat1-2.4.4-150400.3.17.1
* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* libexpat1-2.4.4-150400.3.17.1
* expat-2.4.4-150400.3.17.1
* libexpat1-debuginfo-2.4.4-150400.3.17.1
* expat-debugsource-2.4.4-150400.3.17.1
* expat-debuginfo-2.4.4-150400.3.17.1
* libexpat-devel-2.4.4-150400.3.17.1
* openSUSE Leap 15.5 (x86_64)
* libexpat1-32bit-2.4.4-150400.3.17.1
* expat-32bit-debuginfo-2.4.4-150400.3.17.1
* libexpat-devel-32bit-2.4.4-150400.3.17.1
* libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* expat-debuginfo-2.4.4-150400.3.17.1
* libexpat1-debuginfo-2.4.4-150400.3.17.1
* expat-debugsource-2.4.4-150400.3.17.1
* libexpat1-2.4.4-150400.3.17.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* expat-debuginfo-2.4.4-150400.3.17.1
* libexpat1-debuginfo-2.4.4-150400.3.17.1
* expat-debugsource-2.4.4-150400.3.17.1
* libexpat1-2.4.4-150400.3.17.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* expat-debuginfo-2.4.4-150400.3.17.1
* libexpat1-debuginfo-2.4.4-150400.3.17.1
* expat-debugsource-2.4.4-150400.3.17.1
* libexpat1-2.4.4-150400.3.17.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* expat-debuginfo-2.4.4-150400.3.17.1
* libexpat1-debuginfo-2.4.4-150400.3.17.1
* expat-debugsource-2.4.4-150400.3.17.1
* libexpat1-2.4.4-150400.3.17.1
* SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64)
* expat-debuginfo-2.4.4-150400.3.17.1
* libexpat1-debuginfo-2.4.4-150400.3.17.1
* expat-debugsource-2.4.4-150400.3.17.1
* libexpat1-2.4.4-150400.3.17.1
* Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libexpat1-2.4.4-150400.3.17.1
* expat-2.4.4-150400.3.17.1
* libexpat1-debuginfo-2.4.4-150400.3.17.1
* expat-debugsource-2.4.4-150400.3.17.1
* expat-debuginfo-2.4.4-150400.3.17.1
* libexpat-devel-2.4.4-150400.3.17.1
* Basesystem Module 15-SP5 (x86_64)
* expat-32bit-debuginfo-2.4.4-150400.3.17.1
* libexpat1-32bit-2.4.4-150400.3.17.1
* libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* libexpat1-2.4.4-150400.3.17.1
* expat-2.4.4-150400.3.17.1
* libexpat1-debuginfo-2.4.4-150400.3.17.1
* expat-debugsource-2.4.4-150400.3.17.1
* expat-debuginfo-2.4.4-150400.3.17.1
* libexpat-devel-2.4.4-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* expat-32bit-debuginfo-2.4.4-150400.3.17.1
* libexpat1-32bit-2.4.4-150400.3.17.1
* libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* libexpat1-2.4.4-150400.3.17.1
* expat-2.4.4-150400.3.17.1
* libexpat1-debuginfo-2.4.4-150400.3.17.1
* expat-debugsource-2.4.4-150400.3.17.1
* expat-debuginfo-2.4.4-150400.3.17.1
* libexpat-devel-2.4.4-150400.3.17.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* expat-32bit-debuginfo-2.4.4-150400.3.17.1
* libexpat1-32bit-2.4.4-150400.3.17.1
* libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* expat-32bit-debuginfo-2.4.4-150400.3.17.1
* libexpat1-32bit-2.4.4-150400.3.17.1
* libexpat1-2.4.4-150400.3.17.1
* expat-2.4.4-150400.3.17.1
* libexpat1-debuginfo-2.4.4-150400.3.17.1
* expat-debugsource-2.4.4-150400.3.17.1
* expat-debuginfo-2.4.4-150400.3.17.1
* libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1
* libexpat-devel-2.4.4-150400.3.17.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* libexpat1-2.4.4-150400.3.17.1
* expat-2.4.4-150400.3.17.1
* libexpat1-debuginfo-2.4.4-150400.3.17.1
* expat-debugsource-2.4.4-150400.3.17.1
* expat-debuginfo-2.4.4-150400.3.17.1
* libexpat-devel-2.4.4-150400.3.17.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64)
* expat-32bit-debuginfo-2.4.4-150400.3.17.1
* libexpat1-32bit-2.4.4-150400.3.17.1
* libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libexpat1-2.4.4-150400.3.17.1
* expat-2.4.4-150400.3.17.1
* libexpat1-debuginfo-2.4.4-150400.3.17.1
* expat-debugsource-2.4.4-150400.3.17.1
* expat-debuginfo-2.4.4-150400.3.17.1
* libexpat-devel-2.4.4-150400.3.17.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* expat-32bit-debuginfo-2.4.4-150400.3.17.1
* libexpat1-32bit-2.4.4-150400.3.17.1
* libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1
* SUSE Manager Proxy 4.3 (x86_64)
* expat-32bit-debuginfo-2.4.4-150400.3.17.1
* libexpat1-32bit-2.4.4-150400.3.17.1
* libexpat1-2.4.4-150400.3.17.1
* expat-2.4.4-150400.3.17.1
* libexpat1-debuginfo-2.4.4-150400.3.17.1
* expat-debugsource-2.4.4-150400.3.17.1
* expat-debuginfo-2.4.4-150400.3.17.1
* libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1
* libexpat-devel-2.4.4-150400.3.17.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* expat-32bit-debuginfo-2.4.4-150400.3.17.1
* libexpat1-32bit-2.4.4-150400.3.17.1
* libexpat1-2.4.4-150400.3.17.1
* expat-2.4.4-150400.3.17.1
* libexpat1-debuginfo-2.4.4-150400.3.17.1
* expat-debugsource-2.4.4-150400.3.17.1
* expat-debuginfo-2.4.4-150400.3.17.1
* libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1
* libexpat-devel-2.4.4-150400.3.17.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* libexpat1-2.4.4-150400.3.17.1
* expat-2.4.4-150400.3.17.1
* libexpat1-debuginfo-2.4.4-150400.3.17.1
* expat-debugsource-2.4.4-150400.3.17.1
* expat-debuginfo-2.4.4-150400.3.17.1
* libexpat-devel-2.4.4-150400.3.17.1
* SUSE Manager Server 4.3 (x86_64)
* expat-32bit-debuginfo-2.4.4-150400.3.17.1
* libexpat1-32bit-2.4.4-150400.3.17.1
* libexpat1-32bit-debuginfo-2.4.4-150400.3.17.1

## References:

* https://www.suse.com/security/cve/CVE-2023-52425.html
* https://www.suse.com/security/cve/CVE-2024-28757.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219559
* https://bugzilla.suse.com/show_bug.cgi?id=1221289



SUSE-SU-2024:1122-1: important: Security update for go1.21


# Security update for go1.21

Announcement ID: SUSE-SU-2024:1122-1
Rating: important
References:

* bsc#1212475
* bsc#1221400

Cross-References:

* CVE-2023-45288

CVSS scores:

* CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Development Tools Module 15-SP5
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for go1.21 fixes the following issues:

* CVE-2023-45288: Fixed denial of service via HTTP/2 continuation frames
(bsc#1221400)

Other changes:
\- go minor release upgrade to 1.21.9 (bsc#1212475)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1122=1

* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1122=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1122=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1122=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1122=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1122=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1122=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* go1.21-1.21.9-150000.1.30.1
* go1.21-race-1.21.9-150000.1.30.1
* go1.21-doc-1.21.9-150000.1.30.1
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* go1.21-1.21.9-150000.1.30.1
* go1.21-race-1.21.9-150000.1.30.1
* go1.21-doc-1.21.9-150000.1.30.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64
x86_64)
* go1.21-1.21.9-150000.1.30.1
* go1.21-race-1.21.9-150000.1.30.1
* go1.21-doc-1.21.9-150000.1.30.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64
x86_64)
* go1.21-1.21.9-150000.1.30.1
* go1.21-race-1.21.9-150000.1.30.1
* go1.21-doc-1.21.9-150000.1.30.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* go1.21-1.21.9-150000.1.30.1
* go1.21-race-1.21.9-150000.1.30.1
* go1.21-doc-1.21.9-150000.1.30.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x
x86_64)
* go1.21-1.21.9-150000.1.30.1
* go1.21-doc-1.21.9-150000.1.30.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 x86_64)
* go1.21-race-1.21.9-150000.1.30.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* go1.21-1.21.9-150000.1.30.1
* go1.21-doc-1.21.9-150000.1.30.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* go1.21-race-1.21.9-150000.1.30.1

## References:

* https://www.suse.com/security/cve/CVE-2023-45288.html
* https://bugzilla.suse.com/show_bug.cgi?id=1212475
* https://bugzilla.suse.com/show_bug.cgi?id=1221400



SUSE-SU-2024:1121-1: important: Security update for go1.22


# Security update for go1.22

Announcement ID: SUSE-SU-2024:1121-1
Rating: important
References:

* bsc#1218424
* bsc#1221400

Cross-References:

* CVE-2023-45288

CVSS scores:

* CVE-2023-45288 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Development Tools Module 15-SP5
* openSUSE Leap 15.5
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP5

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for go1.22 fixes the following issues:

* CVE-2023-45288: Fixed denial of service via HTTP/2 continuation frames
(bsc#1221400)

Other changes:
\- go minor release upgrade to 1.22.2 (bsc#1218424)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1121=1

* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1121=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* go1.22-doc-1.22.2-150000.1.12.1
* go1.22-1.22.2-150000.1.12.1
* go1.22-race-1.22.2-150000.1.12.1
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* go1.22-doc-1.22.2-150000.1.12.1
* go1.22-1.22.2-150000.1.12.1
* go1.22-race-1.22.2-150000.1.12.1

## References:

* https://www.suse.com/security/cve/CVE-2023-45288.html
* https://bugzilla.suse.com/show_bug.cgi?id=1218424
* https://bugzilla.suse.com/show_bug.cgi?id=1221400