openSUSE-SLE-15.4-2022-19 moderate SUSE Updates openSUSE-SLE 15.4 This update for ghostscript, gswrap fixes the following issues: We now ship an additional wraper for ghostscript, called gswrap, for SLE 15 SP2 and SLE15 SP3. You can install this wrapper by installing the gswrap package. - Allow the `gswrap` package to use its wrapper script for `ghostscript` (jsc#SLE-21705 jsc#SLE-21706) - Use `update-alternatives` to get the real `ghostscript` binary from `/usr/bin/gs` to `/usr/bin/gs.bin` ghostscript-9.52-158.1.src.rpm ghostscript-9.52-158.1.x86_64.rpm ghostscript-devel-9.52-158.1.x86_64.rpm ghostscript-x11-9.52-158.1.x86_64.rpm ghostscript-9.52-158.1.s390x.rpm ghostscript-devel-9.52-158.1.s390x.rpm ghostscript-x11-9.52-158.1.s390x.rpm ghostscript-9.52-158.1.ppc64le.rpm ghostscript-devel-9.52-158.1.ppc64le.rpm ghostscript-x11-9.52-158.1.ppc64le.rpm ghostscript-9.52-158.1.aarch64.rpm ghostscript-devel-9.52-158.1.aarch64.rpm ghostscript-x11-9.52-158.1.aarch64.rpm openSUSE-SLE-15.4-2022-143 moderate SUSE Updates openSUSE-SLE 15.4 This update for java-11-openjdk fixes the following issues: - Java Cryptography was always operating in FIPS mode if crypto-policies was not used. - Allow plain key import in fips mode unless "com.suse.fips.plainKeySupport" is set to false java-11-openjdk-11.0.13.0-3.68.1.src.rpm java-11-openjdk-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-accessibility-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-demo-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-devel-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-headless-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-javadoc-11.0.13.0-3.68.1.noarch.rpm java-11-openjdk-jmods-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-src-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-accessibility-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-demo-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-devel-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-headless-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-jmods-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-src-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-accessibility-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-demo-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-devel-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-headless-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-jmods-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-src-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-11.0.13.0-3.68.1.aarch64.rpm java-11-openjdk-accessibility-11.0.13.0-3.68.1.aarch64.rpm java-11-openjdk-demo-11.0.13.0-3.68.1.aarch64.rpm java-11-openjdk-devel-11.0.13.0-3.68.1.aarch64.rpm java-11-openjdk-headless-11.0.13.0-3.68.1.aarch64.rpm java-11-openjdk-jmods-11.0.13.0-3.68.1.aarch64.rpm java-11-openjdk-src-11.0.13.0-3.68.1.aarch64.rpm openSUSE-SLE-15.4-2022-157 important SUSE Updates openSUSE-SLE 15.4 This update for zxing-cpp fixes the following issues: - CVE-2021-28021: Fixed buffer overflow vulnerability in function stbi__extend_receive in stb_image.h via a crafted JPEG file. (bsc#1191743). - CVE-2021-42715: Fixed buffer overflow in stb_image PNM loader (bsc#1191942). - CVE-2021-42716: Fixed denial of service in stb_image HDR loader when reading crafted HDR files (bsc#1191944). libZXing1-1.2.0-9.7.1.x86_64.rpm libZXing1-32bit-1.2.0-9.7.1.x86_64.rpm zxing-cpp-1.2.0-9.7.1.src.rpm zxing-cpp-devel-1.2.0-9.7.1.x86_64.rpm libZXing1-1.2.0-9.7.1.s390x.rpm zxing-cpp-devel-1.2.0-9.7.1.s390x.rpm libZXing1-1.2.0-9.7.1.ppc64le.rpm zxing-cpp-devel-1.2.0-9.7.1.ppc64le.rpm libZXing1-1.2.0-9.7.1.aarch64.rpm zxing-cpp-devel-1.2.0-9.7.1.aarch64.rpm openSUSE-SLE-15.4-2022-176 important SUSE Updates openSUSE-SLE 15.4 This update for unbound fixes the following issues: - CVE-2019-25031: Fixed configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack (bsc#1185382). - CVE-2019-25032: Fixed integer overflow in the regional allocator via regional_alloc (bsc#1185383). - CVE-2019-25033: Fixed integer overflow in the regional allocator via the ALIGN_UP macro (bsc#1185384). - CVE-2019-25034: Fixed integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write (bsc#1185385). - CVE-2019-25035: Fixed out-of-bounds write in sldns_bget_token_par (bsc#1185386). - CVE-2019-25036: Fixed assertion failure and denial of service in synth_cname (bsc#1185387). - CVE-2019-25037: Fixed assertion failure and denial of service in dname_pkt_copy via an invalid packet (bsc#1185388). - CVE-2019-25038: Fixed integer overflow in a size calculation in dnscrypt/dnscrypt.c (bsc#1185389). - CVE-2019-25039: Fixed integer overflow in a size calculation in respip/respip.c (bsc#1185390). - CVE-2019-25040: Fixed infinite loop via a compressed name in dname_pkt_copy (bsc#1185391). - CVE-2019-25041: Fixed assertion failure via a compressed name in dname_pkt_copy (bsc#1185392). - CVE-2019-25042: Fixed out-of-bounds write via a compressed name in rdata_copy (bsc#1185393). - CVE-2020-28935: Fixed symbolic link traversal when writing PID file (bsc#1179191). libunbound2-1.6.8-10.6.1.x86_64.rpm unbound-1.6.8-10.6.1.src.rpm unbound-1.6.8-10.6.1.x86_64.rpm unbound-anchor-1.6.8-10.6.1.x86_64.rpm unbound-devel-1.6.8-10.6.1.x86_64.rpm unbound-munin-1.6.8-10.6.1.noarch.rpm unbound-python-1.6.8-10.6.1.x86_64.rpm libunbound2-1.6.8-10.6.1.s390x.rpm unbound-1.6.8-10.6.1.s390x.rpm unbound-anchor-1.6.8-10.6.1.s390x.rpm unbound-devel-1.6.8-10.6.1.s390x.rpm unbound-python-1.6.8-10.6.1.s390x.rpm libunbound2-1.6.8-10.6.1.ppc64le.rpm unbound-1.6.8-10.6.1.ppc64le.rpm unbound-anchor-1.6.8-10.6.1.ppc64le.rpm unbound-devel-1.6.8-10.6.1.ppc64le.rpm unbound-python-1.6.8-10.6.1.ppc64le.rpm libunbound2-1.6.8-10.6.1.aarch64.rpm unbound-1.6.8-10.6.1.aarch64.rpm unbound-anchor-1.6.8-10.6.1.aarch64.rpm unbound-devel-1.6.8-10.6.1.aarch64.rpm unbound-python-1.6.8-10.6.1.aarch64.rpm