
The following updates are available for openSUSE Leap and SUSE Linux Enterprise:

SUSE-SU-2024:1938-1: moderate: Security update for python-docker
SUSE-SU-2024:1968-1: moderate: Security update for python-Brotli
SUSE-SU-2024:1970-1: moderate: Security update for go1.22
SUSE-SU-2024:1939-1: moderate: Security update for python-idna
SUSE-SU-2024:0613-2: important: Security update for libxml2
SUSE-SU-2024:1971-1: important: Security update for frr
SUSE-SU-2024:1966-1: moderate: Security update for aws-nitro-enclaves-cli
SUSE-SU-2024:1961-1: moderate: Security update for squid
SUSE-SU-2024:1963-1: important: Security update for apache2
SUSE-SU-2024:1962-1: moderate: Security update for libvirt
SUSE-SU-2024:1947-1: moderate: Security update for openssl-3
SUSE-SU-2024:1950-1: moderate: Security update for glib2
SUSE-SU-2024:1949-1: moderate: Security update for openssl-1_1
SUSE-SU-2024:1937-1: moderate: Security update for python-docker
SUSE-SU-2024:1925-1: important: Security update for python-PyMySQL
openSUSE-SU-2024:0157-1: important: Security update for nano




SUSE-SU-2024:1938-1: moderate: Security update for python-docker


# Security update for python-docker

Announcement ID: SUSE-SU-2024:1938-1
Rating: moderate
References:

* bsc#1224788

Cross-References:

* CVE-2024-35195

CVSS scores:

* CVE-2024-35195 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Micro 5.5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP5
* SUSE Package Hub 15 15-SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for python-docker fixes the following issues:

* CVE-2024-35195: Fix failure with updated python-requests. (bsc#1224788)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1938=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1938=1

* SUSE Package Hub 15 15-SP5
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-1938=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1938=1

## Package List:

* openSUSE Leap 15.5 (noarch)
* python3-docker-4.2.0-150200.3.5.1
* openSUSE Leap 15.6 (noarch)
* python3-docker-4.2.0-150200.3.5.1
* SUSE Package Hub 15 15-SP5 (noarch)
* python3-docker-4.2.0-150200.3.5.1
* SUSE Package Hub 15 15-SP6 (noarch)
* python3-docker-4.2.0-150200.3.5.1

## References:

* https://www.suse.com/security/cve/CVE-2024-35195.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224788



SUSE-SU-2024:1968-1: moderate: Security update for python-Brotli


# Security update for python-Brotli

Announcement ID: SUSE-SU-2024:1968-1
Rating: moderate
References:

* bsc#1175825

Cross-References:

* CVE-2020-8927

CVSS scores:

* CVE-2020-8927 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
* CVE-2020-8927 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

Affected Products:

* openSUSE Leap 15.5
* Python 3 Module 15-SP6
* Server Applications Module 15-SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for python-Brotli fixes the following issues:

* CVE-2020-8927: Fixed integer overflow when input chunk is larger than 2GiB.
(bsc#1175825)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1968=1

* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-1968=1

* Server Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1968=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* python-Brotli-debugsource-1.0.7-150200.3.3.1
* python3-Brotli-1.0.7-150200.3.3.1
* python3-Brotli-debuginfo-1.0.7-150200.3.3.1
* python-Brotli-debuginfo-1.0.7-150200.3.3.1
* Python 3 Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* python-Brotli-debugsource-1.0.7-150200.3.3.1
* python3-Brotli-1.0.7-150200.3.3.1
* python3-Brotli-debuginfo-1.0.7-150200.3.3.1
* python-Brotli-debuginfo-1.0.7-150200.3.3.1
* Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* python-Brotli-debugsource-1.0.7-150200.3.3.1
* python3-Brotli-1.0.7-150200.3.3.1
* python3-Brotli-debuginfo-1.0.7-150200.3.3.1
* python-Brotli-debuginfo-1.0.7-150200.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2020-8927.html
* https://bugzilla.suse.com/show_bug.cgi?id=1175825



SUSE-SU-2024:1970-1: moderate: Security update for go1.22


# Security update for go1.22

Announcement ID: SUSE-SU-2024:1970-1
Rating: moderate
References:

* bsc#1218424
* bsc#1225973
* bsc#1225974

Cross-References:

* CVE-2024-24789
* CVE-2024-24790

CVSS scores:

* CVE-2024-24789 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
* CVE-2024-24790 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L

Affected Products:

* Development Tools Module 15-SP5
* Development Tools Module 15-SP6
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves two vulnerabilities and has one security fix can now be
installed.

## Description:

This update for go1.22 fixes the following issues:

go1.21.11 release (bsc#1212475).

* CVE-2024-24789: Fixed mishandling of corrupt central directory record in
archive/zip (bsc#1225973).
* CVE-2024-24790: Fixed unexpected behavior from Is methods for IPv4-mapped
IPv6 addresses (bsc#1225974).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1970=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1970=1

* Development Tools Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP5-2024-1970=1

* Development Tools Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Development-Tools-15-SP6-2024-1970=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64)
* go1.22-1.22.4-150000.1.18.1
* go1.22-doc-1.22.4-150000.1.18.1
* go1.22-race-1.22.4-150000.1.18.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* go1.22-1.22.4-150000.1.18.1
* go1.22-doc-1.22.4-150000.1.18.1
* go1.22-race-1.22.4-150000.1.18.1
* Development Tools Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* go1.22-1.22.4-150000.1.18.1
* go1.22-doc-1.22.4-150000.1.18.1
* go1.22-race-1.22.4-150000.1.18.1
* Development Tools Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* go1.22-1.22.4-150000.1.18.1
* go1.22-doc-1.22.4-150000.1.18.1
* go1.22-race-1.22.4-150000.1.18.1

## References:

* https://www.suse.com/security/cve/CVE-2024-24789.html
* https://www.suse.com/security/cve/CVE-2024-24790.html
* https://bugzilla.suse.com/show_bug.cgi?id=1218424
* https://bugzilla.suse.com/show_bug.cgi?id=1225973
* https://bugzilla.suse.com/show_bug.cgi?id=1225974



SUSE-SU-2024:1939-1: moderate: Security update for python-idna


# Security update for python-idna

Announcement ID: SUSE-SU-2024:1939-1
Rating: moderate
References:

* bsc#1222842

Cross-References:

* CVE-2024-3651

CVSS scores:

* CVE-2024-3651 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Public Cloud Module 15-SP4
* Python 3 Module 15-SP5
* Python 3 Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP5
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for python-idna fixes the following issues:

* CVE-2024-3651: Fixed a denial of service via resource consumption through
specially crafted inputs to idna.encode() (bsc#1222842)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1939=1

* openSUSE Leap 15.5
zypper in -t patch openSUSE-SLE-15.5-2024-1939=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1939=1

* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-1939=1

* Python 3 Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Python3-15-SP5-2024-1939=1

* Python 3 Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Python3-15-SP6-2024-1939=1

## Package List:

* openSUSE Leap 15.4 (noarch)
* python311-idna-3.4-150400.11.10.1
* openSUSE Leap 15.5 (noarch)
* python311-idna-3.4-150400.11.10.1
* openSUSE Leap 15.6 (noarch)
* python311-idna-3.4-150400.11.10.1
* Public Cloud Module 15-SP4 (noarch)
* python311-idna-3.4-150400.11.10.1
* Python 3 Module 15-SP5 (noarch)
* python311-idna-3.4-150400.11.10.1
* Python 3 Module 15-SP6 (noarch)
* python311-idna-3.4-150400.11.10.1

## References:

* https://www.suse.com/security/cve/CVE-2024-3651.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222842



SUSE-SU-2024:0613-2: important: Security update for libxml2


# Security update for libxml2

Announcement ID: SUSE-SU-2024:0613-2
Rating: important
References:

* bsc#1219576

Cross-References:

* CVE-2024-25062

CVSS scores:

* CVE-2024-25062 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-25062 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for libxml2 fixes the following issues:

* CVE-2024-25062: Fixed use-after-free in XMLReader (bsc#1219576).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-613=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-613=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-613=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-613=1

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-613=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-613=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-613=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-613=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-613=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-613=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-613=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-613=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-613=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-613=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-613=1

## Package List:

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* python311-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-devel-2.9.14-150400.5.28.1
* python311-libxml2-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-32bit-2.9.14-150400.5.28.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* python311-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-devel-2.9.14-150400.5.28.1
* python311-libxml2-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-32bit-2.9.14-150400.5.28.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* python311-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-32bit-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-devel-2.9.14-150400.5.28.1
* python311-libxml2-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* python311-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-python-debugsource-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-devel-2.9.14-150400.5.28.1
* python311-libxml2-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* openSUSE Leap 15.4 (x86_64)
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.28.1
* libxml2-devel-32bit-2.9.14-150400.5.28.1
* libxml2-2-32bit-2.9.14-150400.5.28.1
* openSUSE Leap 15.4 (noarch)
* libxml2-doc-2.9.14-150400.5.28.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libxml2-devel-64bit-2.9.14-150400.5.28.1
* libxml2-2-64bit-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-64bit-2.9.14-150400.5.28.1
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-python-debugsource-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-python-debugsource-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-python-debugsource-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-python-debugsource-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-python-debugsource-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-python-debugsource-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* python311-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-devel-2.9.14-150400.5.28.1
* python311-libxml2-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64)
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-32bit-2.9.14-150400.5.28.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* python311-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-devel-2.9.14-150400.5.28.1
* python311-libxml2-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-32bit-2.9.14-150400.5.28.1
* SUSE Manager Proxy 4.3 (x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-32bit-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-devel-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-32bit-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-devel-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* python3-libxml2-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-debuginfo-2.9.14-150400.5.28.1
* python3-libxml2-2.9.14-150400.5.28.1
* libxml2-2-2.9.14-150400.5.28.1
* libxml2-tools-debuginfo-2.9.14-150400.5.28.1
* libxml2-debugsource-2.9.14-150400.5.28.1
* libxml2-devel-2.9.14-150400.5.28.1
* libxml2-tools-2.9.14-150400.5.28.1
* SUSE Manager Server 4.3 (x86_64)
* libxml2-2-32bit-debuginfo-2.9.14-150400.5.28.1
* libxml2-2-32bit-2.9.14-150400.5.28.1

## References:

* https://www.suse.com/security/cve/CVE-2024-25062.html
* https://bugzilla.suse.com/show_bug.cgi?id=1219576



SUSE-SU-2024:1971-1: important: Security update for frr


# Security update for frr

Announcement ID: SUSE-SU-2024:1971-1
Rating: important
References:

* bsc#1222526
* bsc#1222528
* bsc#1223786

Cross-References:

* CVE-2024-31950
* CVE-2024-31951
* CVE-2024-34088

CVSS scores:

* CVE-2024-31950 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-31951 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
* CVE-2024-34088 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.5
* openSUSE Leap 15.6
* Server Applications Module 15-SP5
* Server Applications Module 15-SP6
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Real Time 15 SP5
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves three vulnerabilities can now be installed.

## Description:

This update for frr fixes the following issues:

* CVE-2024-34088: Fixed a null pointer via the get_edge() function that can
trigger a denial of service (bsc#1223786).
* CVE-2024-31951: Fixed buffer overflow in ospf_te_parse_ext_link
(bsc#1222528).
* CVE-2024-31950: Fixed buffer overflow and daemon crash in ospf_te_parse_ri
(bsc#1222526).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.5
zypper in -t patch SUSE-2024-1971=1 openSUSE-SLE-15.5-2024-1971=1

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1971=1

* Server Applications Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP5-2024-1971=1

* Server Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-1971=1

## Package List:

* openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586)
* libfrr0-8.4-150500.4.23.1
* libfrrcares0-debuginfo-8.4-150500.4.23.1
* libfrrospfapiclient0-debuginfo-8.4-150500.4.23.1
* frr-debugsource-8.4-150500.4.23.1
* libfrr_pb0-8.4-150500.4.23.1
* libfrrzmq0-8.4-150500.4.23.1
* libfrrzmq0-debuginfo-8.4-150500.4.23.1
* libfrrcares0-8.4-150500.4.23.1
* libfrrfpm_pb0-8.4-150500.4.23.1
* libfrrospfapiclient0-8.4-150500.4.23.1
* libfrr_pb0-debuginfo-8.4-150500.4.23.1
* libfrrsnmp0-8.4-150500.4.23.1
* frr-8.4-150500.4.23.1
* libfrr0-debuginfo-8.4-150500.4.23.1
* libfrrfpm_pb0-debuginfo-8.4-150500.4.23.1
* libmlag_pb0-8.4-150500.4.23.1
* libfrrsnmp0-debuginfo-8.4-150500.4.23.1
* frr-debuginfo-8.4-150500.4.23.1
* frr-devel-8.4-150500.4.23.1
* libmlag_pb0-debuginfo-8.4-150500.4.23.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64)
* libfrr0-8.4-150500.4.23.1
* libfrrcares0-debuginfo-8.4-150500.4.23.1
* libfrrospfapiclient0-debuginfo-8.4-150500.4.23.1
* frr-debugsource-8.4-150500.4.23.1
* libfrr_pb0-8.4-150500.4.23.1
* libfrrzmq0-8.4-150500.4.23.1
* libfrrzmq0-debuginfo-8.4-150500.4.23.1
* libfrrcares0-8.4-150500.4.23.1
* libfrrfpm_pb0-8.4-150500.4.23.1
* libfrrospfapiclient0-8.4-150500.4.23.1
* libfrr_pb0-debuginfo-8.4-150500.4.23.1
* libfrrsnmp0-8.4-150500.4.23.1
* frr-8.4-150500.4.23.1
* libfrr0-debuginfo-8.4-150500.4.23.1
* libfrrfpm_pb0-debuginfo-8.4-150500.4.23.1
* libmlag_pb0-8.4-150500.4.23.1
* libfrrsnmp0-debuginfo-8.4-150500.4.23.1
* frr-debuginfo-8.4-150500.4.23.1
* frr-devel-8.4-150500.4.23.1
* libmlag_pb0-debuginfo-8.4-150500.4.23.1
* Server Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64)
* libfrr0-8.4-150500.4.23.1
* libfrrcares0-debuginfo-8.4-150500.4.23.1
* libfrrospfapiclient0-debuginfo-8.4-150500.4.23.1
* frr-debugsource-8.4-150500.4.23.1
* libfrr_pb0-8.4-150500.4.23.1
* libfrrzmq0-8.4-150500.4.23.1
* libfrrzmq0-debuginfo-8.4-150500.4.23.1
* libfrrcares0-8.4-150500.4.23.1
* libfrrfpm_pb0-8.4-150500.4.23.1
* libfrrospfapiclient0-8.4-150500.4.23.1
* libfrr_pb0-debuginfo-8.4-150500.4.23.1
* libfrrsnmp0-8.4-150500.4.23.1
* frr-8.4-150500.4.23.1
* libfrr0-debuginfo-8.4-150500.4.23.1
* libfrrfpm_pb0-debuginfo-8.4-150500.4.23.1
* libmlag_pb0-8.4-150500.4.23.1
* libfrrsnmp0-debuginfo-8.4-150500.4.23.1
* frr-debuginfo-8.4-150500.4.23.1
* frr-devel-8.4-150500.4.23.1
* libmlag_pb0-debuginfo-8.4-150500.4.23.1
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libfrr0-8.4-150500.4.23.1
* libfrrcares0-debuginfo-8.4-150500.4.23.1
* libfrrospfapiclient0-debuginfo-8.4-150500.4.23.1
* frr-debugsource-8.4-150500.4.23.1
* libfrr_pb0-8.4-150500.4.23.1
* libfrrzmq0-8.4-150500.4.23.1
* libfrrzmq0-debuginfo-8.4-150500.4.23.1
* libfrrcares0-8.4-150500.4.23.1
* libfrrfpm_pb0-8.4-150500.4.23.1
* libfrrospfapiclient0-8.4-150500.4.23.1
* libfrr_pb0-debuginfo-8.4-150500.4.23.1
* libfrrsnmp0-8.4-150500.4.23.1
* frr-8.4-150500.4.23.1
* libfrr0-debuginfo-8.4-150500.4.23.1
* libfrrfpm_pb0-debuginfo-8.4-150500.4.23.1
* libmlag_pb0-8.4-150500.4.23.1
* libfrrsnmp0-debuginfo-8.4-150500.4.23.1
* frr-debuginfo-8.4-150500.4.23.1
* frr-devel-8.4-150500.4.23.1
* libmlag_pb0-debuginfo-8.4-150500.4.23.1

## References:

* https://www.suse.com/security/cve/CVE-2024-31950.html
* https://www.suse.com/security/cve/CVE-2024-31951.html
* https://www.suse.com/security/cve/CVE-2024-34088.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222526
* https://bugzilla.suse.com/show_bug.cgi?id=1222528
* https://bugzilla.suse.com/show_bug.cgi?id=1223786



SUSE-SU-2024:1966-1: moderate: Security update for aws-nitro-enclaves-cli


# Security update for aws-nitro-enclaves-cli

Announcement ID: SUSE-SU-2024:1966-1
Rating: moderate
References:

* bsc#1218501

Cross-References:

* CVE-2023-50711

CVSS scores:

* CVE-2023-50711 ( SUSE ): 5.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L
* CVE-2023-50711 ( NVD ): 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6
* Public Cloud Module 15-SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for aws-nitro-enclaves-cli fixes the following issues:

* CVE-2023-50711: Fixed out of bounds memory accesses in embedded vmm-sys-util
(bsc#1218501).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Public Cloud Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP6-2024-1966=1

* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-1966=1 openSUSE-SLE-15.6-2024-1966=1

## Package List:

* Public Cloud Module 15-SP6 (aarch64 x86_64)
* aws-nitro-enclaves-cli-debugsource-1.3.0~git1.db34c02-150600.10.3.1
* aws-nitro-enclaves-binaryblobs-upstream-debuginfo-1.3.0~git1.db34c02-150600.10.3.1
* aws-nitro-enclaves-cli-debuginfo-1.3.0~git1.db34c02-150600.10.3.1
* system-group-ne-1.3.0~git1.db34c02-150600.10.3.1
* aws-nitro-enclaves-cli-1.3.0~git1.db34c02-150600.10.3.1
* aws-nitro-enclaves-binaryblobs-upstream-1.3.0~git1.db34c02-150600.10.3.1
* openSUSE Leap 15.6 (aarch64 x86_64)
* aws-nitro-enclaves-cli-debugsource-1.3.0~git1.db34c02-150600.10.3.1
* aws-nitro-enclaves-binaryblobs-upstream-debuginfo-1.3.0~git1.db34c02-150600.10.3.1
* aws-nitro-enclaves-cli-debuginfo-1.3.0~git1.db34c02-150600.10.3.1
* system-group-ne-1.3.0~git1.db34c02-150600.10.3.1
* aws-nitro-enclaves-cli-1.3.0~git1.db34c02-150600.10.3.1
* aws-nitro-enclaves-binaryblobs-upstream-1.3.0~git1.db34c02-150600.10.3.1

## References:

* https://www.suse.com/security/cve/CVE-2023-50711.html
* https://bugzilla.suse.com/show_bug.cgi?id=1218501



SUSE-SU-2024:1961-1: moderate: Security update for squid


# Security update for squid

Announcement ID: SUSE-SU-2024:1961-1
Rating: moderate
References:

* bsc#1225417

Cross-References:

* CVE-2024-33427

CVSS scores:

* CVE-2024-33427 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for squid fixes the following issues:

* CVE-2024-33427: Fixed possible buffer overread that could have led to a
denial-of-service (bsc#1225417).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-1961=1 openSUSE-SLE-15.6-2024-1961=1

* Server Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-1961=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* squid-debuginfo-6.9-150600.3.3.2
* squid-debugsource-6.9-150600.3.3.2
* squid-6.9-150600.3.3.2
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* squid-debuginfo-6.9-150600.3.3.2
* squid-debugsource-6.9-150600.3.3.2
* squid-6.9-150600.3.3.2

## References:

* https://www.suse.com/security/cve/CVE-2024-33427.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225417



SUSE-SU-2024:1963-1: important: Security update for apache2


# Security update for apache2

Announcement ID: SUSE-SU-2024:1963-1
Rating: important
References:

* bsc#1221401
* bsc#1222330
* bsc#1222332

Cross-References:

* CVE-2023-38709
* CVE-2024-24795
* CVE-2024-27316

CVSS scores:

* CVE-2023-38709 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-24795 ( SUSE ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
* CVE-2024-27316 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-27316 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6
* SUSE Package Hub 15 15-SP6

An update that solves three vulnerabilities can now be installed.

## Description:

This update for apache2 fixes the following issues:

* CVE-2023-38709: Fixed HTTP response splitting (bsc#1222330).
* CVE-2024-24795: Fixed HTTP response splitting in multiple modules
(bsc#1222332).
* CVE-2024-27316: Fixed a denial of service via HTTP/2 CONTINUATION frames
(bsc#1221401).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-1963=1 openSUSE-SLE-15.6-2024-1963=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1963=1

* SUSE Package Hub 15 15-SP6
zypper in -t patch SUSE-SLE-Module-Packagehub-Subpackages-15-SP6-2024-1963=1

* Server Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-1963=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* apache2-prefork-debuginfo-2.4.58-150600.5.3.1
* apache2-event-2.4.58-150600.5.3.1
* apache2-debuginfo-2.4.58-150600.5.3.1
* apache2-debugsource-2.4.58-150600.5.3.1
* apache2-utils-2.4.58-150600.5.3.1
* apache2-worker-2.4.58-150600.5.3.1
* apache2-2.4.58-150600.5.3.1
* apache2-utils-debugsource-2.4.58-150600.5.3.1
* apache2-devel-2.4.58-150600.5.3.1
* apache2-event-debugsource-2.4.58-150600.5.3.1
* apache2-utils-debuginfo-2.4.58-150600.5.3.1
* apache2-prefork-debugsource-2.4.58-150600.5.3.1
* apache2-worker-debugsource-2.4.58-150600.5.3.1
* apache2-event-debuginfo-2.4.58-150600.5.3.1
* apache2-prefork-2.4.58-150600.5.3.1
* apache2-worker-debuginfo-2.4.58-150600.5.3.1
* openSUSE Leap 15.6 (noarch)
* apache2-manual-2.4.58-150600.5.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* apache2-prefork-debuginfo-2.4.58-150600.5.3.1
* apache2-debuginfo-2.4.58-150600.5.3.1
* apache2-debugsource-2.4.58-150600.5.3.1
* apache2-2.4.58-150600.5.3.1
* apache2-prefork-debugsource-2.4.58-150600.5.3.1
* apache2-prefork-2.4.58-150600.5.3.1
* SUSE Package Hub 15 15-SP6 (aarch64 ppc64le s390x x86_64)
* apache2-event-2.4.58-150600.5.3.1
* apache2-debuginfo-2.4.58-150600.5.3.1
* apache2-debugsource-2.4.58-150600.5.3.1
* apache2-event-debugsource-2.4.58-150600.5.3.1
* apache2-event-debuginfo-2.4.58-150600.5.3.1
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* apache2-utils-2.4.58-150600.5.3.1
* apache2-worker-2.4.58-150600.5.3.1
* apache2-utils-debugsource-2.4.58-150600.5.3.1
* apache2-devel-2.4.58-150600.5.3.1
* apache2-utils-debuginfo-2.4.58-150600.5.3.1
* apache2-worker-debugsource-2.4.58-150600.5.3.1
* apache2-worker-debuginfo-2.4.58-150600.5.3.1

## References:

* https://www.suse.com/security/cve/CVE-2023-38709.html
* https://www.suse.com/security/cve/CVE-2024-24795.html
* https://www.suse.com/security/cve/CVE-2024-27316.html
* https://bugzilla.suse.com/show_bug.cgi?id=1221401
* https://bugzilla.suse.com/show_bug.cgi?id=1222330
* https://bugzilla.suse.com/show_bug.cgi?id=1222332



SUSE-SU-2024:1962-1: moderate: Security update for libvirt


# Security update for libvirt

Announcement ID: SUSE-SU-2024:1962-1
Rating: moderate
References:

* bsc#1222584
* bsc#1223849

Cross-References:

* CVE-2024-4418

CVSS scores:

* CVE-2024-4418 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* Server Applications Module 15-SP6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability and has one security fix can now be
installed.

## Description:

This update for libvirt fixes the following issues:

* CVE-2024-4418: Fixed a stack use-after-free by ensuring temporary GSource is
removed from client event loop. (bsc#1223849)

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1962=1 SUSE-2024-1962=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1962=1

* Server Applications Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Server-Applications-15-SP6-2024-1962=1

## Package List:

* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* libvirt-daemon-proxy-10.0.0-150600.8.3.1
* libvirt-libs-10.0.0-150600.8.3.1
* libvirt-daemon-plugin-lockd-10.0.0-150600.8.3.1
* libvirt-daemon-driver-lxc-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-logical-10.0.0-150600.8.3.1
* libvirt-daemon-lock-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-10.0.0-150600.8.3.1
* libvirt-daemon-driver-nodedev-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-logical-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-plugin-lockd-debuginfo-10.0.0-150600.8.3.1
* wireshark-plugin-libvirt-10.0.0-150600.8.3.1
* libvirt-daemon-driver-interface-10.0.0-150600.8.3.1
* libvirt-daemon-driver-network-10.0.0-150600.8.3.1
* libvirt-daemon-driver-lxc-10.0.0-150600.8.3.1
* libvirt-daemon-log-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-qemu-10.0.0-150600.8.3.1
* libvirt-daemon-driver-interface-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-qemu-debuginfo-10.0.0-150600.8.3.1
* libvirt-10.0.0-150600.8.3.1
* libvirt-client-qemu-10.0.0-150600.8.3.1
* libvirt-libs-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-scsi-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-core-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-core-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-common-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-nwfilter-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-log-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-disk-10.0.0-150600.8.3.1
* libvirt-daemon-driver-nodedev-10.0.0-150600.8.3.1
* libvirt-devel-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-gluster-10.0.0-150600.8.3.1
* libvirt-daemon-common-10.0.0-150600.8.3.1
* libvirt-debugsource-10.0.0-150600.8.3.1
* libvirt-daemon-driver-qemu-10.0.0-150600.8.3.1
* libvirt-daemon-plugin-sanlock-10.0.0-150600.8.3.1
* libvirt-daemon-lock-debuginfo-10.0.0-150600.8.3.1
* libvirt-nss-10.0.0-150600.8.3.1
* libvirt-client-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-gluster-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-iscsi-direct-10.0.0-150600.8.3.1
* libvirt-daemon-plugin-sanlock-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-config-nwfilter-10.0.0-150600.8.3.1
* libvirt-daemon-config-network-10.0.0-150600.8.3.1
* libvirt-daemon-lxc-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-10.0.0-150600.8.3.1
* wireshark-plugin-libvirt-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-network-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-iscsi-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-scsi-10.0.0-150600.8.3.1
* libvirt-daemon-proxy-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-nwfilter-10.0.0-150600.8.3.1
* libvirt-client-10.0.0-150600.8.3.1
* libvirt-daemon-driver-secret-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-iscsi-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-mpath-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-secret-10.0.0-150600.8.3.1
* libvirt-daemon-10.0.0-150600.8.3.1
* libvirt-daemon-hooks-10.0.0-150600.8.3.1
* libvirt-nss-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-disk-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-mpath-10.0.0-150600.8.3.1
* openSUSE Leap 15.6 (x86_64)
* libvirt-client-32bit-debuginfo-10.0.0-150600.8.3.1
* libvirt-devel-32bit-10.0.0-150600.8.3.1
* libvirt-daemon-xen-10.0.0-150600.8.3.1
* libvirt-daemon-driver-libxl-10.0.0-150600.8.3.1
* libvirt-daemon-driver-libxl-debuginfo-10.0.0-150600.8.3.1
* openSUSE Leap 15.6 (aarch64 x86_64)
* libvirt-daemon-driver-storage-rbd-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-rbd-debuginfo-10.0.0-150600.8.3.1
* openSUSE Leap 15.6 (noarch)
* libvirt-doc-10.0.0-150600.8.3.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* libvirt-devel-64bit-10.0.0-150600.8.3.1
* libvirt-client-64bit-debuginfo-10.0.0-150600.8.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libvirt-libs-10.0.0-150600.8.3.1
* libvirt-libs-debuginfo-10.0.0-150600.8.3.1
* libvirt-debugsource-10.0.0-150600.8.3.1
* Server Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* libvirt-daemon-proxy-10.0.0-150600.8.3.1
* libvirt-daemon-plugin-lockd-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-logical-10.0.0-150600.8.3.1
* libvirt-daemon-lock-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-10.0.0-150600.8.3.1
* libvirt-daemon-driver-nodedev-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-logical-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-plugin-lockd-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-interface-10.0.0-150600.8.3.1
* libvirt-daemon-driver-network-10.0.0-150600.8.3.1
* libvirt-daemon-log-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-qemu-10.0.0-150600.8.3.1
* libvirt-daemon-driver-interface-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-qemu-debuginfo-10.0.0-150600.8.3.1
* libvirt-10.0.0-150600.8.3.1
* libvirt-client-qemu-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-scsi-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-core-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-core-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-common-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-nwfilter-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-log-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-disk-10.0.0-150600.8.3.1
* libvirt-daemon-driver-nodedev-10.0.0-150600.8.3.1
* libvirt-devel-10.0.0-150600.8.3.1
* libvirt-daemon-common-10.0.0-150600.8.3.1
* libvirt-debugsource-10.0.0-150600.8.3.1
* libvirt-daemon-driver-qemu-10.0.0-150600.8.3.1
* libvirt-daemon-plugin-sanlock-10.0.0-150600.8.3.1
* libvirt-daemon-lock-debuginfo-10.0.0-150600.8.3.1
* libvirt-nss-10.0.0-150600.8.3.1
* libvirt-client-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-iscsi-direct-10.0.0-150600.8.3.1
* libvirt-daemon-plugin-sanlock-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-config-nwfilter-10.0.0-150600.8.3.1
* libvirt-daemon-config-network-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-iscsi-direct-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-network-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-iscsi-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-scsi-10.0.0-150600.8.3.1
* libvirt-daemon-proxy-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-nwfilter-10.0.0-150600.8.3.1
* libvirt-client-10.0.0-150600.8.3.1
* libvirt-daemon-driver-secret-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-iscsi-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-mpath-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-secret-10.0.0-150600.8.3.1
* libvirt-daemon-10.0.0-150600.8.3.1
* libvirt-daemon-hooks-10.0.0-150600.8.3.1
* libvirt-nss-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-disk-debuginfo-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-mpath-10.0.0-150600.8.3.1
* Server Applications Module 15-SP6 (aarch64 x86_64)
* libvirt-daemon-driver-storage-rbd-10.0.0-150600.8.3.1
* libvirt-daemon-driver-storage-rbd-debuginfo-10.0.0-150600.8.3.1
* Server Applications Module 15-SP6 (noarch)
* libvirt-doc-10.0.0-150600.8.3.1
* Server Applications Module 15-SP6 (x86_64)
* libvirt-daemon-xen-10.0.0-150600.8.3.1
* libvirt-daemon-driver-libxl-10.0.0-150600.8.3.1
* libvirt-daemon-driver-libxl-debuginfo-10.0.0-150600.8.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-4418.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222584
* https://bugzilla.suse.com/show_bug.cgi?id=1223849



SUSE-SU-2024:1947-1: moderate: Security update for openssl-3


# Security update for openssl-3

Announcement ID: SUSE-SU-2024:1947-1
Rating: moderate
References:

* bsc#1222548
* bsc#1224388

Cross-References:

* CVE-2024-2511
* CVE-2024-4603

CVSS scores:

* CVE-2024-2511 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2024-4603 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves two vulnerabilities can now be installed.

## Description:

This update for openssl-3 fixes the following issues:

* CVE-2024-2511: Fixed unconstrained session cache growth in TLSv1.3
(bsc#1222548).
* CVE-2024-4603: Fixed DSA parameter checks for excessive sizes before
validating (bsc#1224388).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1947=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-1947=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1947=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1947=1

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1947=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1947=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1947=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1947=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1947=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1947=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1947=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1947=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1947=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1947=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1947=1

## Package List:

* SUSE Manager Proxy 4.3 (x86_64)
* libopenssl3-debuginfo-3.0.8-150400.4.54.1
* openssl-3-3.0.8-150400.4.54.1
* libopenssl-3-devel-3.0.8-150400.4.54.1
* openssl-3-debuginfo-3.0.8-150400.4.54.1
* libopenssl3-3.0.8-150400.4.54.1
* openssl-3-debugsource-3.0.8-150400.4.54.1
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* libopenssl3-debuginfo-3.0.8-150400.4.54.1
* openssl-3-3.0.8-150400.4.54.1
* libopenssl-3-devel-3.0.8-150400.4.54.1
* openssl-3-debuginfo-3.0.8-150400.4.54.1
* libopenssl3-3.0.8-150400.4.54.1
* openssl-3-debugsource-3.0.8-150400.4.54.1
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* libopenssl3-debuginfo-3.0.8-150400.4.54.1
* openssl-3-3.0.8-150400.4.54.1
* libopenssl-3-devel-3.0.8-150400.4.54.1
* openssl-3-debuginfo-3.0.8-150400.4.54.1
* libopenssl3-3.0.8-150400.4.54.1
* openssl-3-debugsource-3.0.8-150400.4.54.1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* libopenssl3-debuginfo-3.0.8-150400.4.54.1
* openssl-3-3.0.8-150400.4.54.1
* libopenssl-3-devel-3.0.8-150400.4.54.1
* openssl-3-debuginfo-3.0.8-150400.4.54.1
* libopenssl3-3.0.8-150400.4.54.1
* openssl-3-debugsource-3.0.8-150400.4.54.1
* openSUSE Leap 15.4 (x86_64)
* libopenssl-3-devel-32bit-3.0.8-150400.4.54.1
* libopenssl3-32bit-3.0.8-150400.4.54.1
* libopenssl3-32bit-debuginfo-3.0.8-150400.4.54.1
* openSUSE Leap 15.4 (noarch)
* openssl-3-doc-3.0.8-150400.4.54.1
* openSUSE Leap 15.4 (aarch64_ilp32)
* libopenssl3-64bit-3.0.8-150400.4.54.1
* libopenssl-3-devel-64bit-3.0.8-150400.4.54.1
* libopenssl3-64bit-debuginfo-3.0.8-150400.4.54.1
* openSUSE Leap Micro 5.3 (aarch64 ppc64le s390x x86_64)
* libopenssl3-debuginfo-3.0.8-150400.4.54.1
* libopenssl3-3.0.8-150400.4.54.1
* openssl-3-debugsource-3.0.8-150400.4.54.1
* openSUSE Leap Micro 5.4 (aarch64 ppc64le s390x x86_64)
* libopenssl3-debuginfo-3.0.8-150400.4.54.1
* libopenssl3-3.0.8-150400.4.54.1
* openssl-3-debugsource-3.0.8-150400.4.54.1
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* libopenssl3-debuginfo-3.0.8-150400.4.54.1
* libopenssl3-3.0.8-150400.4.54.1
* openssl-3-debugsource-3.0.8-150400.4.54.1
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* libopenssl3-debuginfo-3.0.8-150400.4.54.1
* libopenssl3-3.0.8-150400.4.54.1
* openssl-3-debugsource-3.0.8-150400.4.54.1
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* libopenssl3-debuginfo-3.0.8-150400.4.54.1
* libopenssl3-3.0.8-150400.4.54.1
* openssl-3-debugsource-3.0.8-150400.4.54.1
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* libopenssl3-debuginfo-3.0.8-150400.4.54.1
* libopenssl3-3.0.8-150400.4.54.1
* openssl-3-debugsource-3.0.8-150400.4.54.1
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
* libopenssl3-debuginfo-3.0.8-150400.4.54.1
* openssl-3-3.0.8-150400.4.54.1
* libopenssl-3-devel-3.0.8-150400.4.54.1
* openssl-3-debuginfo-3.0.8-150400.4.54.1
* libopenssl3-3.0.8-150400.4.54.1
* openssl-3-debugsource-3.0.8-150400.4.54.1
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
* libopenssl3-debuginfo-3.0.8-150400.4.54.1
* openssl-3-3.0.8-150400.4.54.1
* libopenssl-3-devel-3.0.8-150400.4.54.1
* openssl-3-debuginfo-3.0.8-150400.4.54.1
* libopenssl3-3.0.8-150400.4.54.1
* openssl-3-debugsource-3.0.8-150400.4.54.1
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* libopenssl3-debuginfo-3.0.8-150400.4.54.1
* openssl-3-3.0.8-150400.4.54.1
* libopenssl-3-devel-3.0.8-150400.4.54.1
* openssl-3-debuginfo-3.0.8-150400.4.54.1
* libopenssl3-3.0.8-150400.4.54.1
* openssl-3-debugsource-3.0.8-150400.4.54.1
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64)
* libopenssl3-debuginfo-3.0.8-150400.4.54.1
* openssl-3-3.0.8-150400.4.54.1
* libopenssl-3-devel-3.0.8-150400.4.54.1
* openssl-3-debuginfo-3.0.8-150400.4.54.1
* libopenssl3-3.0.8-150400.4.54.1
* openssl-3-debugsource-3.0.8-150400.4.54.1
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* libopenssl3-debuginfo-3.0.8-150400.4.54.1
* openssl-3-3.0.8-150400.4.54.1
* libopenssl-3-devel-3.0.8-150400.4.54.1
* openssl-3-debuginfo-3.0.8-150400.4.54.1
* libopenssl3-3.0.8-150400.4.54.1
* openssl-3-debugsource-3.0.8-150400.4.54.1

## References:

* https://www.suse.com/security/cve/CVE-2024-2511.html
* https://www.suse.com/security/cve/CVE-2024-4603.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222548
* https://bugzilla.suse.com/show_bug.cgi?id=1224388



SUSE-SU-2024:1950-1: moderate: Security update for glib2


# Security update for glib2

Announcement ID: SUSE-SU-2024:1950-1
Rating: moderate
References:

* bsc#1224044

Cross-References:

* CVE-2024-34397

CVSS scores:

* CVE-2024-34397 ( SUSE ): 3.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

Affected Products:

* Basesystem Module 15-SP6
* openSUSE Leap 15.6
* SUSE Linux Enterprise Desktop 15 SP6
* SUSE Linux Enterprise Real Time 15 SP6
* SUSE Linux Enterprise Server 15 SP6
* SUSE Linux Enterprise Server for SAP Applications 15 SP6

An update that solves one vulnerability can now be installed.

## Description:

This update for glib2 fixes the following issues:

Update to version 2.78.6:

* Fix a regression with IBus caused by the fix for CVE-2024-34397

Changes in version 2.78.5:

* Fix CVE-2024-34397: GDBus signal subscriptions for well-known names are
vulnerable to unicast spoofing. (bsc#1224044)
* Bugs fixed:
* gvfs-udisks2-volume-monitor SIGSEGV in g_content_type_guess_for_tree() due
to filename with bad encoding
* gcontenttype: Make filename valid utf-8 string before processing.
* gdbusconnection: Don't deliver signals if the sender doesn't match.

Changes in version 2.78.4:

* Bugs fixed:
* Fix generated RST anchors for methods, signals and properties.
* docs/reference: depend on a native gtk-doc.
* gobject_gdb.py: Do not break bt on optimized build.
* gregex: clean up usage of _GRegex.jit_status.

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch SUSE-2024-1950=1 openSUSE-SLE-15.6-2024-1950=1

* Basesystem Module 15-SP6
zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-1950=1

## Package List:

* openSUSE Leap 15.6 (noarch)
* gio-branding-upstream-2.78.6-150600.4.3.1
* gio-branding-SLE-15-150600.35.2.1
* glib2-lang-2.78.6-150600.4.3.1
* openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64 i586)
* glib2-devel-debuginfo-2.78.6-150600.4.3.1
* glib2-tools-2.78.6-150600.4.3.1
* libgobject-2_0-0-debuginfo-2.78.6-150600.4.3.1
* libgthread-2_0-0-debuginfo-2.78.6-150600.4.3.1
* libgio-2_0-0-2.78.6-150600.4.3.1
* libgmodule-2_0-0-2.78.6-150600.4.3.1
* libglib-2_0-0-debuginfo-2.78.6-150600.4.3.1
* libgobject-2_0-0-2.78.6-150600.4.3.1
* glib2-tests-devel-debuginfo-2.78.6-150600.4.3.1
* glib2-devel-2.78.6-150600.4.3.1
* libglib-2_0-0-2.78.6-150600.4.3.1
* libgthread-2_0-0-2.78.6-150600.4.3.1
* glib2-tests-devel-2.78.6-150600.4.3.1
* glib2-debugsource-2.78.6-150600.4.3.1
* libgio-2_0-0-debuginfo-2.78.6-150600.4.3.1
* glib2-tools-debuginfo-2.78.6-150600.4.3.1
* libgmodule-2_0-0-debuginfo-2.78.6-150600.4.3.1
* glib2-devel-static-2.78.6-150600.4.3.1
* glib2-doc-2.78.6-150600.4.3.1
* openSUSE Leap 15.6 (x86_64)
* glib2-devel-32bit-2.78.6-150600.4.3.1
* libgio-2_0-0-32bit-2.78.6-150600.4.3.1
* libgthread-2_0-0-32bit-2.78.6-150600.4.3.1
* libgobject-2_0-0-32bit-2.78.6-150600.4.3.1
* libgio-2_0-0-32bit-debuginfo-2.78.6-150600.4.3.1
* libgobject-2_0-0-32bit-debuginfo-2.78.6-150600.4.3.1
* glib2-devel-32bit-debuginfo-2.78.6-150600.4.3.1
* glib2-tools-32bit-2.78.6-150600.4.3.1
* glib2-tools-32bit-debuginfo-2.78.6-150600.4.3.1
* libgmodule-2_0-0-32bit-2.78.6-150600.4.3.1
* libglib-2_0-0-32bit-2.78.6-150600.4.3.1
* libgthread-2_0-0-32bit-debuginfo-2.78.6-150600.4.3.1
* libglib-2_0-0-32bit-debuginfo-2.78.6-150600.4.3.1
* libgmodule-2_0-0-32bit-debuginfo-2.78.6-150600.4.3.1
* openSUSE Leap 15.6 (aarch64_ilp32)
* glib2-devel-64bit-2.78.6-150600.4.3.1
* libgmodule-2_0-0-64bit-debuginfo-2.78.6-150600.4.3.1
* libglib-2_0-0-64bit-2.78.6-150600.4.3.1
* glib2-devel-64bit-debuginfo-2.78.6-150600.4.3.1
* libgio-2_0-0-64bit-2.78.6-150600.4.3.1
* libgthread-2_0-0-64bit-debuginfo-2.78.6-150600.4.3.1
* libglib-2_0-0-64bit-debuginfo-2.78.6-150600.4.3.1
* libgio-2_0-0-64bit-debuginfo-2.78.6-150600.4.3.1
* libgthread-2_0-0-64bit-2.78.6-150600.4.3.1
* glib2-tools-64bit-debuginfo-2.78.6-150600.4.3.1
* libgobject-2_0-0-64bit-2.78.6-150600.4.3.1
* libgobject-2_0-0-64bit-debuginfo-2.78.6-150600.4.3.1
* glib2-tools-64bit-2.78.6-150600.4.3.1
* libgmodule-2_0-0-64bit-2.78.6-150600.4.3.1
* Basesystem Module 15-SP6 (noarch)
* gio-branding-SLE-15-150600.35.2.1
* glib2-lang-2.78.6-150600.4.3.1
* Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64)
* glib2-devel-debuginfo-2.78.6-150600.4.3.1
* glib2-tools-2.78.6-150600.4.3.1
* libgobject-2_0-0-debuginfo-2.78.6-150600.4.3.1
* libgthread-2_0-0-debuginfo-2.78.6-150600.4.3.1
* libgio-2_0-0-2.78.6-150600.4.3.1
* libgmodule-2_0-0-2.78.6-150600.4.3.1
* libglib-2_0-0-debuginfo-2.78.6-150600.4.3.1
* libgobject-2_0-0-2.78.6-150600.4.3.1
* libglib-2_0-0-2.78.6-150600.4.3.1
* glib2-devel-2.78.6-150600.4.3.1
* libgthread-2_0-0-2.78.6-150600.4.3.1
* glib2-debugsource-2.78.6-150600.4.3.1
* libgio-2_0-0-debuginfo-2.78.6-150600.4.3.1
* glib2-tools-debuginfo-2.78.6-150600.4.3.1
* libgmodule-2_0-0-debuginfo-2.78.6-150600.4.3.1
* Basesystem Module 15-SP6 (x86_64)
* libgio-2_0-0-32bit-2.78.6-150600.4.3.1
* libgobject-2_0-0-32bit-2.78.6-150600.4.3.1
* libgio-2_0-0-32bit-debuginfo-2.78.6-150600.4.3.1
* libgobject-2_0-0-32bit-debuginfo-2.78.6-150600.4.3.1
* libgmodule-2_0-0-32bit-2.78.6-150600.4.3.1
* libglib-2_0-0-32bit-2.78.6-150600.4.3.1
* libglib-2_0-0-32bit-debuginfo-2.78.6-150600.4.3.1
* libgmodule-2_0-0-32bit-debuginfo-2.78.6-150600.4.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-34397.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224044



SUSE-SU-2024:1949-1: moderate: Security update for openssl-1_1


# Security update for openssl-1_1

Announcement ID: SUSE-SU-2024:1949-1
Rating: moderate
References:

* bsc#1222548

Cross-References:

* CVE-2024-2511

CVSS scores:

* CVE-2024-2511 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products:

* openSUSE Leap 15.4
* openSUSE Leap Micro 5.3
* openSUSE Leap Micro 5.4
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
* SUSE Linux Enterprise Micro 5.3
* SUSE Linux Enterprise Micro 5.4
* SUSE Linux Enterprise Micro for Rancher 5.3
* SUSE Linux Enterprise Micro for Rancher 5.4
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for openssl-1_1 fixes the following issues:

* CVE-2024-2511: Fixed unconstrained session cache growth in TLSv1.3
(bsc#1222548).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1949=1

* openSUSE Leap Micro 5.3
zypper in -t patch openSUSE-Leap-Micro-5.3-2024-1949=1

* openSUSE Leap Micro 5.4
zypper in -t patch openSUSE-Leap-Micro-5.4-2024-1949=1

* SUSE Linux Enterprise Micro for Rancher 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1949=1

* SUSE Linux Enterprise Micro 5.3
zypper in -t patch SUSE-SLE-Micro-5.3-2024-1949=1

* SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1949=1

* SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2024-1949=1

* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-ESPOS-2024-1949=1

* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4
zypper in -t patch SUSE-SLE-Product-HPC-15-SP4-LTSS-2024-1949=1

* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLED-15-SP4-LTSS-2024-1949=1

* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4
zypper in -t patch SUSE-SLE-Product-SLES-15-SP4-LTSS-2024-1949=1

* SUSE Linux Enterprise Server for SAP Applications 15 SP4
zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP4-2024-1949=1

* SUSE Manager Proxy 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.3-2024-1949=1

* SUSE Manager Retail Branch Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.3-2024-1949=1

* SUSE Manager Server 4.3
zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.3-2024-1949=1

## Package List:

* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* openssl-1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debugsource-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-1.1.1l-150400.7.66.2
* libopenssl1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2
* openSUSE Leap 15.4 (x86_64)
* libopenssl1_1-32bit-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-32bit-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-32bit-1.1.1l-150400.7.66.2
* libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.66.2
* openSUSE Leap 15.4 (noarch)
* openssl-1_1-doc-1.1.1l-150400.7.66.2
* openSUSE Leap 15.4 (aarch64_ilp32)
* libopenssl-1_1-devel-64bit-1.1.1l-150400.7.66.2
* libopenssl1_1-64bit-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-64bit-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-64bit-1.1.1l-150400.7.66.2
* openSUSE Leap Micro 5.3 (aarch64 x86_64)
* openssl-1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debugsource-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-1.1.1l-150400.7.66.2
* libopenssl1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2
* openSUSE Leap Micro 5.4 (aarch64 s390x x86_64)
* openssl-1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debugsource-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-1.1.1l-150400.7.66.2
* libopenssl1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2
* SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64)
* openssl-1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debugsource-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-1.1.1l-150400.7.66.2
* libopenssl1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2
* SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64)
* openssl-1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debugsource-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-1.1.1l-150400.7.66.2
* libopenssl1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2
* SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
* openssl-1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debugsource-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-1.1.1l-150400.7.66.2
* libopenssl1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2
* SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
* openssl-1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debugsource-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-1.1.1l-150400.7.66.2
* libopenssl1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (aarch64 x86_64)
* openssl-1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debugsource-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-1.1.1l-150400.7.66.2
* libopenssl1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2
* SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (x86_64)
* libopenssl1_1-32bit-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-32bit-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-32bit-1.1.1l-150400.7.66.2
* libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.66.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (aarch64 x86_64)
* openssl-1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debugsource-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-1.1.1l-150400.7.66.2
* libopenssl1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2
* SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (x86_64)
* libopenssl1_1-32bit-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-32bit-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-32bit-1.1.1l-150400.7.66.2
* libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.66.2
* SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (x86_64)
* openssl-1_1-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-32bit-1.1.1l-150400.7.66.2
* libopenssl1_1-32bit-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-32bit-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-1.1.1l-150400.7.66.2
* openssl-1_1-debugsource-1.1.1l-150400.7.66.2
* libopenssl1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.66.2
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (aarch64 ppc64le s390x x86_64)
* openssl-1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debugsource-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-1.1.1l-150400.7.66.2
* libopenssl1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2
* SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (x86_64)
* libopenssl1_1-32bit-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-32bit-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-32bit-1.1.1l-150400.7.66.2
* libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.66.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (ppc64le x86_64)
* openssl-1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debugsource-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-1.1.1l-150400.7.66.2
* libopenssl1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2
* SUSE Linux Enterprise Server for SAP Applications 15 SP4 (x86_64)
* libopenssl1_1-32bit-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-32bit-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-32bit-1.1.1l-150400.7.66.2
* libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.66.2
* SUSE Manager Proxy 4.3 (x86_64)
* openssl-1_1-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-32bit-1.1.1l-150400.7.66.2
* libopenssl1_1-32bit-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-32bit-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-1.1.1l-150400.7.66.2
* openssl-1_1-debugsource-1.1.1l-150400.7.66.2
* libopenssl1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.66.2
* SUSE Manager Retail Branch Server 4.3 (x86_64)
* openssl-1_1-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-32bit-1.1.1l-150400.7.66.2
* libopenssl1_1-32bit-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-32bit-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-1.1.1l-150400.7.66.2
* openssl-1_1-debugsource-1.1.1l-150400.7.66.2
* libopenssl1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.66.2
* SUSE Manager Server 4.3 (ppc64le s390x x86_64)
* openssl-1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debugsource-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-1.1.1l-150400.7.66.2
* libopenssl1_1-1.1.1l-150400.7.66.2
* openssl-1_1-debuginfo-1.1.1l-150400.7.66.2
* libopenssl1_1-debuginfo-1.1.1l-150400.7.66.2
* SUSE Manager Server 4.3 (x86_64)
* libopenssl1_1-32bit-1.1.1l-150400.7.66.2
* libopenssl-1_1-devel-32bit-1.1.1l-150400.7.66.2
* libopenssl1_1-hmac-32bit-1.1.1l-150400.7.66.2
* libopenssl1_1-32bit-debuginfo-1.1.1l-150400.7.66.2

## References:

* https://www.suse.com/security/cve/CVE-2024-2511.html
* https://bugzilla.suse.com/show_bug.cgi?id=1222548



SUSE-SU-2024:1937-1: moderate: Security update for python-docker


# Security update for python-docker

Announcement ID: SUSE-SU-2024:1937-1
Rating: moderate
References:

* bsc#1224788

Cross-References:

* CVE-2024-35195

CVSS scores:

* CVE-2024-35195 ( SUSE ): 6.0 CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N

Affected Products:

* openSUSE Leap 15.4
* Public Cloud Module 15-SP4
* Public Cloud Module 15-SP5
* SUSE Linux Enterprise High Performance Computing 15 SP4
* SUSE Linux Enterprise High Performance Computing 15 SP5
* SUSE Linux Enterprise Server 15 SP4
* SUSE Linux Enterprise Server 15 SP5
* SUSE Linux Enterprise Server for SAP Applications 15 SP4
* SUSE Linux Enterprise Server for SAP Applications 15 SP5
* SUSE Manager Proxy 4.3
* SUSE Manager Retail Branch Server 4.3
* SUSE Manager Server 4.3

An update that solves one vulnerability can now be installed.

## Description:

This update for python-docker fixes the following issues:

* CVE-2024-35195: Fixed missing certificate verification (bsc#1224788).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Public Cloud Module 15-SP5
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP5-2024-1937=1

* openSUSE Leap 15.4
zypper in -t patch SUSE-2024-1937=1

* Public Cloud Module 15-SP4
zypper in -t patch SUSE-SLE-Module-Public-Cloud-15-SP4-2024-1937=1

## Package List:

* Public Cloud Module 15-SP5 (noarch)
* python311-docker-7.0.0-150400.8.7.1
* openSUSE Leap 15.4 (noarch)
* python311-docker-7.0.0-150400.8.7.1
* Public Cloud Module 15-SP4 (noarch)
* python311-docker-7.0.0-150400.8.7.1

## References:

* https://www.suse.com/security/cve/CVE-2024-35195.html
* https://bugzilla.suse.com/show_bug.cgi?id=1224788



SUSE-SU-2024:1925-1: important: Security update for python-PyMySQL


# Security update for python-PyMySQL

Announcement ID: SUSE-SU-2024:1925-1
Rating: important
References:

* bsc#1225070

Cross-References:

* CVE-2024-36039

CVSS scores:

* CVE-2024-36039 ( SUSE ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Products:

* openSUSE Leap 15.6

An update that solves one vulnerability can now be installed.

## Description:

This update for python-PyMySQL fixes the following issues:

* CVE-2024-36039: Fixed SQL injection when used with untrusted JSON input (bsc#1225070).

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* openSUSE Leap 15.6
zypper in -t patch openSUSE-SLE-15.6-2024-1925=1 SUSE-2024-1925=1

## Package List:

* openSUSE Leap 15.6 (noarch)
* python311-PyMySQL-1.1.0-150600.3.3.1

## References:

* https://www.suse.com/security/cve/CVE-2024-36039.html
* https://bugzilla.suse.com/show_bug.cgi?id=1225070



openSUSE-SU-2024:0157-1: important: Security update for nano


openSUSE Security Update: Security update for nano
_______________________________

Announcement ID: openSUSE-SU-2024:0157-1
Rating: important
References: #1226099
Cross-References: CVE-2024-5742
CVSS scores:
CVE-2024-5742 (SUSE): 6.3 CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

Affected Products:
openSUSE Backports SLE-15-SP5
_______________________________

An update that fixes one vulnerability is now available.

Description:

This update for nano fixes the following issues:

- CVE-2024-5742: Avoid privilege escalations via symlink attacks on
emergency save file (boo#1226099)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP5:

zypper in -t patch openSUSE-2024-157=1

Package List:

- openSUSE Backports SLE-15-SP5 (aarch64 i586 ppc64le s390x x86_64):

nano-7.2-bp155.2.3.1

- openSUSE Backports SLE-15-SP5 (noarch):

nano-lang-7.2-bp155.2.3.1

References:

https://www.suse.com/security/cve/CVE-2024-5742.html
https://bugzilla.suse.com/1226099