SUSE 5181 Published by

A bcm20702a1-firmware security update has been released for openSUSE Leap 15.0 and 15.1 to avoid person-in-the-middle attacks



openSUSE Security Update: Recommended update for bcm20702a1-firmware ______________________________________________________________________________

Announcement ID: openSUSE-SU-2019:2477-1
Rating: moderate
References: #1087996 #1154083
Affected Products:
openSUSE Leap 15.1
openSUSE Leap 15.0
______________________________________________________________________________

An update that contains security fixes can now be installed.
Description:

This update for bcm20702a1-firmware fixes the following issues:
Changes in bcm20702a1-firmware:

- Use https to fetch the archive to avoid person-in-the-middle attacks (boo#1154083)
- Fetch & install another variant firmware (0a5c:21e8) (boo#1087996)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:
- openSUSE Leap 15.1:

zypper in -t patch openSUSE-2019-2477=1

- openSUSE Leap 15.0:

zypper in -t patch openSUSE-2019-2477=1


Package List:

- openSUSE Leap 15.1 (noarch):

bcm20702a1-firmware-1201650-lp151.3.3.1

- openSUSE Leap 15.0 (noarch):

bcm20702a1-firmware-1201650-lp150.2.3.1

References:

https://bugzilla.suse.com/1087996
https://bugzilla.suse.com/1154083