openSUSE-SLE-15.4-2022-538 low SUSE Updates openSUSE-SLE 15.4 This update for xmltooling doesn't fix any user visible bugs. libxmltooling7-1.6.4-3.6.1.x86_64.rpm xmltooling-1.6.4-3.6.1.src.rpm libxmltooling7-1.6.4-3.6.1.s390x.rpm libxmltooling7-1.6.4-3.6.1.ppc64le.rpm libxmltooling7-1.6.4-3.6.1.aarch64.rpm openSUSE-SLE-15.4-2022-679 moderate SUSE Updates openSUSE-SLE 15.4 This update for php7 fixes the following issues: - CVE-2021-21703: Fixed local privilege escalation via PHP-FPM (bsc#1192050). - CVE-2021-21707: Fixed special character breaks path in xml parsing (bsc#1193041). - CVE-2017-8923: Fixed denial of service (application crash) when using .= with a long string (zend_string_extend func in Zend/zend_string.h) (bsc#1038980). - CVE-2015-9253: Fixed endless loop when the master process restarts a child process using program execution functions (bsc#1081790). php7-7.2.5-4.89.4.src.rpm php7-wddx-7.2.5-4.89.4.x86_64.rpm php7-wddx-7.2.5-4.89.4.s390x.rpm php7-wddx-7.2.5-4.89.4.ppc64le.rpm php7-wddx-7.2.5-4.89.4.aarch64.rpm openSUSE-SLE-15.4-2022-868 moderate SUSE Updates openSUSE-SLE 15.4 This feature update for tcl and tk fixes the following issues: Update tcl and tk to version 8.6.12 (jsc#SLE-21016, jsc#SLE-23284): - Move tcl.macros to /usr/lib/rpm/macros.d (bsc#1185662) - Use FAT LTO objects in order to provide proper static library (bsc#1138797) - Fix a bug in itcl that was affecting iwidgets (bsc#903017) - Add [combobox current] support "end" index - Add fixes in [text] bindings - Add missing "deferred clear code" support to GIF photo images - Add new virtual event <<TkWorldChanged>> - Add new keycodes: CodeInput, SingleCandidate, MultipleCandidate, PreviousCandidate - Add new support for POSIX error: EILSEQ - Add new command [tcl::unsupported::corotype] - Add new command [tcl::unsupported::timerate] for performance testing - Add new option -state to [ttk::scale] - Add portable keycodes: OE, oe, Ydiaeresis - Add support for backrefs in [array names -regexp] - Add support for Unicode 14 - Disfavor Master/Slave terminology - Enhance [oo::object] to acquire or lose a class identity dynamically - Fix canvas rotated text overlap detection - Fix canvas closed polylines yo fully honor -joinstyle - Fix display of Long non-wrapped lines in text - Fix display treeview focus ring when -selectmode none - Fix focus events not to break entry validation - Fix [package prefer stable] failing case - Fix auto_path initialization by Safe Base interps - Fix bad interaction between grab and mouse pointer warp - Fix borderwidth calculations on menu items - Fix cascade tearoff menu redraw artifacts - Fix coords rounding when drawing canvas items - Fix corrupt result from [$c postscript] with -file or -channel - Fix errno management in socket full close - Fix failure when a [proc] argument name is computed, not literal - Fix focus on unmapped windows - Fix handling of duplicates in spinbox -values list - Fix incomplete read of multi-image GIF - Fix initialization order of static package in wish - Fix issue when trying to display angled text without Xft - Fix issue with font initialization when no font is installed - Fix problems with Noto Color Emoji font - Fix race conditions in [file delete] and [file mkdir] - Fix Std channel initialization for multi-thread operations - Fix tearoff menu redraw artifacts - Fix up arrow key in [text] to correctly move cursor to index 1.0 - Fix various cursor issues - Fix various encoding issues - Fix various fontchooser issues - Fix various issues causing crashes and hang in - Fix various memory issues - Fix various scrolling bugs and add improvements - Fix 32/64-bit confusion of FS DIR operations reported for AIX - Improve appearance of text selection in [*entry] widgets - Improve checkbutton handling of -selectcolor - Improve handling of resolution changes - Improve multi-thread safety when Xft is in use - Improve ttk high-contrast-mode support - Improve emoji support - Improve legacy support for [tk_setPalette] - Make combobox -postoffset option work with default style - Make spinbox use proper names in query of option database - Menu flaws when empty menubar clicked - New index argument in [$menubutton post x y index] - Preserve canvas tag list order during add/delete - Prevent cross-manager loops of geom management - Rewrite of zlib inflation for multi-stream and completeness - Run fileevents in proper thread after [thread::attach $channel] - Stop [unload] corruption of list of loaded packages - Stop app switching exposing withdrawn windows as zombies - Tk now denied access to PRIMARY selection from safe interps - TkpDrawAngledCharsInContext leaked a CGColor - Try to restore Tcl's [update] command when Tk is unloaded - Changed [info * methods] to include mixins - [package require] is now NR-enabled The following fixes might show some potential incompatibilities with existing software: - Revised [binary (en|de)code base64] for RFC compliance and roundtrip - Tcl_DStringAppendElement # quoting precision, dstring-2.13, dstring-3.10 - Extended [clock scan] ISO format and time zone support - Allow for select/copy from disabled text widget on all platforms - Revised case of [info loaded] module names - [info hostname] reports DNS name, not NetBIOS name - Force -eofchar \032 when evaluating library scripts - Revised error messages: "too few" => "not enough" - Performed rewrite of Tk event loop to prevent ring overflow - Refactored all MouseWheel bindings - Revised precision of ::scale widget tick mark values - Prevent transient window cycles (crashed on Aqua) - Builds no longer use -lieee - Quoting of command line arguments by [exec] on Windows revised. Prior quoting rules left holes where some values would not pass through, but could trigger substitutions or program execution. See https://core.tcl-lang.org/tcl/info/21b0629c81 - [lreplace] accepts all out-of-range index values tcl-32bit-8.6.12-150300.14.3.1.x86_64.rpm tcl-8.6.12-150300.14.3.1.src.rpm tcl-8.6.12-150300.14.3.1.x86_64.rpm tcl-devel-8.6.12-150300.14.3.1.x86_64.rpm tk-32bit-8.6.12-150300.10.3.1.x86_64.rpm tk-8.6.12-150300.10.3.1.src.rpm tk-8.6.12-150300.10.3.1.x86_64.rpm tk-devel-8.6.12-150300.10.3.1.x86_64.rpm tcl-8.6.12-150300.14.3.1.s390x.rpm tcl-devel-8.6.12-150300.14.3.1.s390x.rpm tk-8.6.12-150300.10.3.1.s390x.rpm tk-devel-8.6.12-150300.10.3.1.s390x.rpm tcl-8.6.12-150300.14.3.1.ppc64le.rpm tcl-devel-8.6.12-150300.14.3.1.ppc64le.rpm tk-8.6.12-150300.10.3.1.ppc64le.rpm tk-devel-8.6.12-150300.10.3.1.ppc64le.rpm tcl-8.6.12-150300.14.3.1.aarch64.rpm tcl-devel-8.6.12-150300.14.3.1.aarch64.rpm tk-8.6.12-150300.10.3.1.aarch64.rpm tk-devel-8.6.12-150300.10.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-70 moderate SUSE Updates openSUSE-SLE 15.4 This update for python-configshell-fb fixes the following issues: - Upgrade to latest upstream version v1.1.29 (jsc#SLE-17360): * setup.py: specify a version range for pyparsing * setup.py: lets stick to pyparsing v2.4.7 * Don't warn if prefs file doesn't exist - Update to version v1.1.28 from v1.1.27 (jsc#SLE-17360): * version 1.1.28 * Ensure that all output reaches the client when daemonized * Remove Epydoc markup from command messages * Remove epydoc imports and epydoc calls python-configshell-fb-1.1.29-3.3.1.src.rpm python2-configshell-fb-1.1.29-3.3.1.noarch.rpm python3-configshell-fb-1.1.29-3.3.1.noarch.rpm openSUSE-SLE-15.4-2022-19 moderate SUSE Updates openSUSE-SLE 15.4 This update for ghostscript, gswrap fixes the following issues: We now ship an additional wraper for ghostscript, called gswrap, for SLE 15 SP2 and SLE15 SP3. You can install this wrapper by installing the gswrap package. - Allow the `gswrap` package to use its wrapper script for `ghostscript` (jsc#SLE-21705 jsc#SLE-21706) - Use `update-alternatives` to get the real `ghostscript` binary from `/usr/bin/gs` to `/usr/bin/gs.bin` ghostscript-9.52-158.1.src.rpm ghostscript-9.52-158.1.x86_64.rpm ghostscript-devel-9.52-158.1.x86_64.rpm ghostscript-x11-9.52-158.1.x86_64.rpm ghostscript-9.52-158.1.s390x.rpm ghostscript-devel-9.52-158.1.s390x.rpm ghostscript-x11-9.52-158.1.s390x.rpm ghostscript-9.52-158.1.ppc64le.rpm ghostscript-devel-9.52-158.1.ppc64le.rpm ghostscript-x11-9.52-158.1.ppc64le.rpm ghostscript-9.52-158.1.aarch64.rpm ghostscript-devel-9.52-158.1.aarch64.rpm ghostscript-x11-9.52-158.1.aarch64.rpm openSUSE-SLE-15.4-2022-143 moderate SUSE Updates openSUSE-SLE 15.4 This update for java-11-openjdk fixes the following issues: - Java Cryptography was always operating in FIPS mode if crypto-policies was not used. - Allow plain key import in fips mode unless "com.suse.fips.plainKeySupport" is set to false java-11-openjdk-11.0.13.0-3.68.1.src.rpm java-11-openjdk-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-accessibility-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-demo-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-devel-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-headless-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-javadoc-11.0.13.0-3.68.1.noarch.rpm java-11-openjdk-jmods-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-src-11.0.13.0-3.68.1.x86_64.rpm java-11-openjdk-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-accessibility-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-demo-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-devel-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-headless-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-jmods-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-src-11.0.13.0-3.68.1.s390x.rpm java-11-openjdk-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-accessibility-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-demo-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-devel-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-headless-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-jmods-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-src-11.0.13.0-3.68.1.ppc64le.rpm java-11-openjdk-11.0.13.0-3.68.1.aarch64.rpm java-11-openjdk-accessibility-11.0.13.0-3.68.1.aarch64.rpm java-11-openjdk-demo-11.0.13.0-3.68.1.aarch64.rpm java-11-openjdk-devel-11.0.13.0-3.68.1.aarch64.rpm java-11-openjdk-headless-11.0.13.0-3.68.1.aarch64.rpm java-11-openjdk-jmods-11.0.13.0-3.68.1.aarch64.rpm java-11-openjdk-src-11.0.13.0-3.68.1.aarch64.rpm openSUSE-SLE-15.4-2022-485 moderate SUSE Updates openSUSE-SLE 15.4 This update for tomcat fixes the following issues: - Fix Null Pointer Exception in JNDIRealm, when userRoleAttribute is not set (bsc#1193569) tomcat-9.0.36-16.1.noarch.rpm tomcat-9.0.36-16.1.src.rpm tomcat-admin-webapps-9.0.36-16.1.noarch.rpm tomcat-docs-webapp-9.0.36-16.1.noarch.rpm tomcat-el-3_0-api-9.0.36-16.1.noarch.rpm tomcat-embed-9.0.36-16.1.noarch.rpm tomcat-javadoc-9.0.36-16.1.noarch.rpm tomcat-jsp-2_3-api-9.0.36-16.1.noarch.rpm tomcat-jsvc-9.0.36-16.1.noarch.rpm tomcat-lib-9.0.36-16.1.noarch.rpm tomcat-servlet-4_0-api-9.0.36-16.1.noarch.rpm tomcat-webapps-9.0.36-16.1.noarch.rpm openSUSE-SLE-15.4-2022-465 important SUSE Updates openSUSE-SLE 15.4 This update for xorg-x11-server fixes the following issues: - CVE-2021-4009: The handler for the CreatePointerBarrier request of the XFixes extension does not properly validate the request length leading to out of bounds memory write. (bsc#1190487) - CVE-2021-4010: The handler for the Suspend request of the Screen Saver extension does not properly validate the request length leading to out of bounds memory write. (bsc#1190488) - CVE-2021-4011: The handlers for the RecordCreateContext and RecordRegisterClients requests of the Record extension do not properly validate the request length leading to out of bounds memory write. (bsc#1190489) xorg-x11-server-1.20.3-22.5.42.1.src.rpm xorg-x11-server-wayland-1.20.3-22.5.42.1.x86_64.rpm xorg-x11-server-wayland-1.20.3-22.5.42.1.s390x.rpm xorg-x11-server-wayland-1.20.3-22.5.42.1.ppc64le.rpm xorg-x11-server-wayland-1.20.3-22.5.42.1.aarch64.rpm openSUSE-SLE-15.4-2022-482 moderate SUSE Updates openSUSE-SLE 15.4 This update for libreoffice fixes the following issues: Update LibreOffice from version 7.1.4.2 to 7.2.3.2 (jsc#SLE-18214) - Improve the rendering and loading rendering of shapes. (bsc#1183308) - Removed unrecognized option `--disable-vlc` This option has been removed from upstream in commit https://gerrit.libreoffice.org/c/core/+/108283 There's no real change in our build given that the VLC avmedia backend was explicitly disabled. - Fix gtk popover usage on gtk 3.20 - Revert upstream commit https://gerrit.libreoffice.org/c/core/+/116884 - Fix generated list of files for python scripts - Updating some LibreOffice buildrequires - Fix UI scaling on HIDPI Wayland/KDE screens - Fix inteaction between multi-column shape text and automatic height. (bsc#1187982) - Fix interaction of transparent cell fill and transparent shadow. (bsc#1189813) - Use vendored boost for all codestreams except Tumbleweed. Update boost vendored version. - Add vendored poppler to use for all codestreams except Tumbleweed. - Keep upstream desktop file names (bsc#1183655) and display math icon (bsc#1180479) - Source profile.d/alljava.sh from either /etc (if found) or /usr/etc). libreoffice-7.2.3.2-150300.14.22.15.3.src.rpm libreoffice-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-base-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-base-drivers-postgresql-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-branding-upstream-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-calc-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-calc-extensions-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-draw-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-filters-optional-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-gdb-pretty-printers-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-glade-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-gnome-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-gtk3-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-icon-themes-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-impress-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-l10n-af-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-am-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ar-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-as-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ast-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-be-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-bg-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-bn-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-bn_IN-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-bo-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-br-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-brx-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-bs-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ca-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ca_valencia-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ckb-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-cs-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-cy-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-da-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-de-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-dgo-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-dsb-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-dz-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-el-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-en-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-en_GB-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-en_ZA-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-eo-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-es-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-et-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-eu-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-fa-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-fi-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-fr-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-fur-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-fy-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ga-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-gd-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-gl-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-gu-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-gug-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-he-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-hi-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-hr-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-hsb-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-hu-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-id-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-is-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-it-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ja-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ka-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-kab-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-kk-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-km-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-kmr_Latn-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-kn-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ko-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-kok-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ks-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-lb-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-lo-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-lt-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-lv-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-mai-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-mk-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ml-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-mn-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-mni-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-mr-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-my-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-nb-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ne-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-nl-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-nn-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-nr-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-nso-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-oc-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-om-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-or-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-pa-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-pl-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-pt_BR-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-pt_PT-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ro-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ru-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-rw-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-sa_IN-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-sat-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-sd-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-si-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-sid-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-sk-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-sl-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-sq-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-sr-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ss-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-st-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-sv-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-sw_TZ-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-szl-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ta-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-te-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-tg-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-th-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-tn-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-tr-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ts-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-tt-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ug-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-uk-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-uz-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-ve-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-vec-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-vi-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-xh-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-zh_CN-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-zh_TW-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-l10n-zu-7.2.3.2-150300.14.22.15.3.noarch.rpm libreoffice-librelogo-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-mailmerge-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-math-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-officebean-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-pyuno-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-qt5-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-sdk-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-sdk-doc-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-writer-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-writer-extensions-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreofficekit-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreofficekit-devel-7.2.3.2-150300.14.22.15.3.x86_64.rpm libreoffice-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-base-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-base-drivers-postgresql-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-calc-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-calc-extensions-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-draw-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-filters-optional-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-gnome-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-gtk3-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-impress-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-librelogo-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-mailmerge-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-math-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-officebean-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-pyuno-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-qt5-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-sdk-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-sdk-doc-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-writer-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-writer-extensions-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreofficekit-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreofficekit-devel-7.2.3.2-150300.14.22.15.3.ppc64le.rpm libreoffice-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-base-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-base-drivers-postgresql-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-calc-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-calc-extensions-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-draw-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-filters-optional-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-gnome-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-gtk3-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-impress-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-librelogo-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-mailmerge-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-math-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-officebean-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-pyuno-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-qt5-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-sdk-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-sdk-doc-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-writer-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreoffice-writer-extensions-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreofficekit-7.2.3.2-150300.14.22.15.3.aarch64.rpm libreofficekit-devel-7.2.3.2-150300.14.22.15.3.aarch64.rpm openSUSE-SLE-15.4-2022-35 low SUSE Updates openSUSE-SLE 15.4 This update for telnet fixes the following issues: - Update Source location to use Gentoo mirror, fixes bsc#1129925 telnet-1.2-3.3.1.src.rpm telnet-1.2-3.3.1.x86_64.rpm telnet-server-1.2-3.3.1.x86_64.rpm telnet-1.2-3.3.1.s390x.rpm telnet-server-1.2-3.3.1.s390x.rpm telnet-1.2-3.3.1.ppc64le.rpm telnet-server-1.2-3.3.1.ppc64le.rpm telnet-1.2-3.3.1.aarch64.rpm telnet-server-1.2-3.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-187 moderate SUSE Updates openSUSE-SLE 15.4 This update for vsftpd fixes the following issues: - Fix several issues related to SSL/TLS support (bsc#1021387) - Fix a seccomp failure that used to occur in FIPS mode when SSL is enabled (bsc#1052900) - Fix seccomp bug where the process would hang trying access syslog (bsc#971784) vsftpd-3.0.3-12.6.1.src.rpm vsftpd-3.0.3-12.6.1.x86_64.rpm vsftpd-3.0.3-12.6.1.ppc64le.rpm vsftpd-3.0.3-12.6.1.aarch64.rpm openSUSE-SLE-15.4-2022-52 important SUSE Updates openSUSE-SLE 15.4 This update for libsndfile fixes the following issues: - CVE-2021-4156: Fixed heap buffer overflow in flac_buffer_copy that could potentially lead to heap exploitation (bsc#1194006). libsndfile-1.0.28-5.15.1.src.rpm libsndfile-devel-1.0.28-5.15.1.x86_64.rpm libsndfile-progs-1.0.28-5.15.1.src.rpm libsndfile-progs-1.0.28-5.15.1.x86_64.rpm libsndfile1-1.0.28-5.15.1.x86_64.rpm libsndfile1-32bit-1.0.28-5.15.1.x86_64.rpm libsndfile-devel-1.0.28-5.15.1.s390x.rpm libsndfile-progs-1.0.28-5.15.1.s390x.rpm libsndfile1-1.0.28-5.15.1.s390x.rpm libsndfile-devel-1.0.28-5.15.1.ppc64le.rpm libsndfile-progs-1.0.28-5.15.1.ppc64le.rpm libsndfile1-1.0.28-5.15.1.ppc64le.rpm libsndfile-devel-1.0.28-5.15.1.aarch64.rpm libsndfile-progs-1.0.28-5.15.1.aarch64.rpm libsndfile1-1.0.28-5.15.1.aarch64.rpm openSUSE-SLE-15.4-2022-69 low SUSE Updates openSUSE-SLE 15.4 This update for libmspack fixes the following issues: - CVE-2018-18586: Fixed directory traversal in chmextract by adding anti "../" and leading slash protection (bsc#1113040). libmspack-0.6-3.14.1.src.rpm libmspack-devel-0.6-3.14.1.x86_64.rpm libmspack0-0.6-3.14.1.x86_64.rpm libmspack0-32bit-0.6-3.14.1.x86_64.rpm mspack-tools-0.6-3.14.1.x86_64.rpm libmspack-devel-0.6-3.14.1.s390x.rpm libmspack0-0.6-3.14.1.s390x.rpm mspack-tools-0.6-3.14.1.s390x.rpm libmspack-devel-0.6-3.14.1.ppc64le.rpm libmspack0-0.6-3.14.1.ppc64le.rpm mspack-tools-0.6-3.14.1.ppc64le.rpm libmspack-devel-0.6-3.14.1.aarch64.rpm libmspack0-0.6-3.14.1.aarch64.rpm mspack-tools-0.6-3.14.1.aarch64.rpm openSUSE-SLE-15.4-2022-62 important SUSE Updates openSUSE-SLE 15.4 This update for openexr fixes the following issues: - CVE-2021-45942: Fixed heap-based buffer overflow in Imf_3_1:LineCompositeTask:execute. (bsc#1194333) libIlmImf-2_2-23-2.2.1-3.41.1.x86_64.rpm libIlmImf-2_2-23-32bit-2.2.1-3.41.1.x86_64.rpm libIlmImfUtil-2_2-23-2.2.1-3.41.1.x86_64.rpm libIlmImfUtil-2_2-23-32bit-2.2.1-3.41.1.x86_64.rpm openexr-2.2.1-3.41.1.src.rpm openexr-2.2.1-3.41.1.x86_64.rpm openexr-devel-2.2.1-3.41.1.x86_64.rpm openexr-doc-2.2.1-3.41.1.x86_64.rpm libIlmImf-2_2-23-2.2.1-3.41.1.s390x.rpm libIlmImfUtil-2_2-23-2.2.1-3.41.1.s390x.rpm openexr-2.2.1-3.41.1.s390x.rpm openexr-devel-2.2.1-3.41.1.s390x.rpm openexr-doc-2.2.1-3.41.1.s390x.rpm libIlmImf-2_2-23-2.2.1-3.41.1.ppc64le.rpm libIlmImfUtil-2_2-23-2.2.1-3.41.1.ppc64le.rpm openexr-2.2.1-3.41.1.ppc64le.rpm openexr-devel-2.2.1-3.41.1.ppc64le.rpm openexr-doc-2.2.1-3.41.1.ppc64le.rpm libIlmImf-2_2-23-2.2.1-3.41.1.aarch64.rpm libIlmImfUtil-2_2-23-2.2.1-3.41.1.aarch64.rpm openexr-2.2.1-3.41.1.aarch64.rpm openexr-devel-2.2.1-3.41.1.aarch64.rpm openexr-doc-2.2.1-3.41.1.aarch64.rpm openSUSE-SLE-15.4-2022-182 important SUSE Updates openSUSE-SLE 15.4 This update for webkit2gtk3 fixes the following issues: - Update to version 2.34.3 (bsc#1194019). - CVE-2021-30887: Fixed logic issue allowing unexpectedly unenforced Content Security Policy when processing maliciously crafted web content. - CVE-2021-30890: Fixed logic issue allowing universal cross site scripting when processing maliciously crafted web content. libwebkit2gtk3-lang-2.34.3-23.3.noarch.rpm webkit2gtk3-2.34.3-23.3.src.rpm openSUSE-SLE-15.4-2022-188 moderate SUSE Updates openSUSE-SLE 15.4 This update for hunspell fixes the following issues: - Fix myspell english dictionary not being installed (bsc#1193627) hunspell-1.6.2-3.8.1.src.rpm hunspell-1.6.2-3.8.1.x86_64.rpm hunspell-devel-1.6.2-3.8.1.x86_64.rpm hunspell-devel-32bit-1.6.2-3.8.1.x86_64.rpm hunspell-tools-1.6.2-3.8.1.x86_64.rpm libhunspell-1_6-0-1.6.2-3.8.1.x86_64.rpm libhunspell-1_6-0-32bit-1.6.2-3.8.1.x86_64.rpm hunspell-1.6.2-3.8.1.s390x.rpm hunspell-devel-1.6.2-3.8.1.s390x.rpm hunspell-tools-1.6.2-3.8.1.s390x.rpm libhunspell-1_6-0-1.6.2-3.8.1.s390x.rpm hunspell-1.6.2-3.8.1.ppc64le.rpm hunspell-devel-1.6.2-3.8.1.ppc64le.rpm hunspell-tools-1.6.2-3.8.1.ppc64le.rpm libhunspell-1_6-0-1.6.2-3.8.1.ppc64le.rpm hunspell-1.6.2-3.8.1.aarch64.rpm hunspell-devel-1.6.2-3.8.1.aarch64.rpm hunspell-tools-1.6.2-3.8.1.aarch64.rpm libhunspell-1_6-0-1.6.2-3.8.1.aarch64.rpm openSUSE-SLE-15.4-2022-1098 moderate SUSE Updates openSUSE-SLE 15.4 This update for davfs2 fixes the following issues: - Fix potential crash on umount (bsc#1194537) - Check for valid server etag property (bsc#1193733) - Fix cached file attributes (bsc#1188967) davfs2-1.5.4-150000.3.8.1.ppc64le.rpm davfs2-1.5.4-150000.3.8.1.src.rpm davfs2-1.5.4-150000.3.8.1.x86_64.rpm davfs2-1.5.4-150000.3.8.1.aarch64.rpm davfs2-1.5.4-150000.3.8.1.s390x.rpm openSUSE-SLE-15.4-2022-87 moderate SUSE Updates openSUSE-SLE 15.4 This update for go1.16 fixes the following issues: Update to go1.16.13 (bsc#1182345) - it includes fixes to the compiler, linker, runtime, and the net/http package. * x/net/http2: `http.Server.WriteTimeout` does not fire if the http2 stream's window is out of space. * runtime/race: building for iOS, but linking in object file built for macOS * runtime: race detector `SIGABRT` or `SIGSEGV` on macOS Monterey * runtime: mallocs cause "base outside usable address space" panic when running on iOS 14 * cmd/link: does not set section type of `.init_array` correctly * cmd/link: support more load commands on `Mach-O` * cmd/compile: internal compiler error: `Op...LECall and OpDereference have mismatched mem` go1.16-1.16.13-1.40.1.src.rpm go1.16-1.16.13-1.40.1.x86_64.rpm go1.16-doc-1.16.13-1.40.1.x86_64.rpm go1.16-race-1.16.13-1.40.1.x86_64.rpm go1.16-1.16.13-1.40.1.s390x.rpm go1.16-doc-1.16.13-1.40.1.s390x.rpm go1.16-1.16.13-1.40.1.ppc64le.rpm go1.16-doc-1.16.13-1.40.1.ppc64le.rpm go1.16-1.16.13-1.40.1.aarch64.rpm go1.16-doc-1.16.13-1.40.1.aarch64.rpm go1.16-race-1.16.13-1.40.1.aarch64.rpm openSUSE-SLE-15.4-2022-88 moderate SUSE Updates openSUSE-SLE 15.4 This update for ghostscript fixes the following issues: - CVE-2021-45944: Fixed use-after-free in sampled_data_sample (bsc#1194303) - CVE-2021-45949: Fixed heap-based buffer overflow in sampled_data_finish (bsc#1194304) ghostscript-9.52-161.1.src.rpm ghostscript-9.52-161.1.x86_64.rpm ghostscript-devel-9.52-161.1.x86_64.rpm ghostscript-x11-9.52-161.1.x86_64.rpm ghostscript-9.52-161.1.s390x.rpm ghostscript-devel-9.52-161.1.s390x.rpm ghostscript-x11-9.52-161.1.s390x.rpm ghostscript-9.52-161.1.ppc64le.rpm ghostscript-devel-9.52-161.1.ppc64le.rpm ghostscript-x11-9.52-161.1.ppc64le.rpm ghostscript-9.52-161.1.aarch64.rpm ghostscript-devel-9.52-161.1.aarch64.rpm ghostscript-x11-9.52-161.1.aarch64.rpm openSUSE-SLE-15.4-2022-100 moderate SUSE Updates openSUSE-SLE 15.4 This update for hwdata fixes the following issues: - Update hwdata from version 0.353 to 0.355 which includes updated pci, usb and vendor ids (bsc#1194338) hwdata-0.355-3.39.1.noarch.rpm hwdata-0.355-3.39.1.src.rpm openSUSE-SLE-15.4-2022-104 important SUSE Updates openSUSE-SLE 15.4 This update for SDL2 fixes the following issues: - CVE-2020-14409: Fixed Integer Overflow resulting in heap corruption in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP (bsc#1181202). - CVE-2020-14410: Fixed heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP (bsc#1181201). SDL2-2.0.8-11.3.1.src.rpm libSDL2-2_0-0-2.0.8-11.3.1.x86_64.rpm libSDL2-2_0-0-32bit-2.0.8-11.3.1.x86_64.rpm libSDL2-devel-2.0.8-11.3.1.x86_64.rpm libSDL2-devel-32bit-2.0.8-11.3.1.x86_64.rpm libSDL2-2_0-0-2.0.8-11.3.1.s390x.rpm libSDL2-devel-2.0.8-11.3.1.s390x.rpm libSDL2-2_0-0-2.0.8-11.3.1.ppc64le.rpm libSDL2-devel-2.0.8-11.3.1.ppc64le.rpm libSDL2-2_0-0-2.0.8-11.3.1.aarch64.rpm libSDL2-devel-2.0.8-11.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-228 moderate SUSE Updates openSUSE-SLE 15.4 This update for boost fixes the following issues: - Fix compilation errors (bsc#1194522) boost-1.66.0-12.3.1.src.rpm libboost_mpi_python-py2_7-1_66_0-1.66.0-12.3.1.x86_64.rpm libboost_mpi_python-py2_7-1_66_0-devel-1.66.0-12.3.1.x86_64.rpm libboost_numpy-py2_7-1_66_0-1.66.0-12.3.1.x86_64.rpm libboost_numpy-py2_7-1_66_0-devel-1.66.0-12.3.1.x86_64.rpm libboost_python-py2_7-1_66_0-1.66.0-12.3.1.x86_64.rpm libboost_python-py2_7-1_66_0-32bit-1.66.0-12.3.1.x86_64.rpm libboost_python-py2_7-1_66_0-devel-1.66.0-12.3.1.x86_64.rpm python2-boost_parallel_mpi1_66_0-1.66.0-12.3.1.x86_64.rpm libboost_mpi_python-py2_7-1_66_0-1.66.0-12.3.1.s390x.rpm libboost_mpi_python-py2_7-1_66_0-devel-1.66.0-12.3.1.s390x.rpm libboost_numpy-py2_7-1_66_0-1.66.0-12.3.1.s390x.rpm libboost_numpy-py2_7-1_66_0-devel-1.66.0-12.3.1.s390x.rpm libboost_python-py2_7-1_66_0-1.66.0-12.3.1.s390x.rpm libboost_python-py2_7-1_66_0-devel-1.66.0-12.3.1.s390x.rpm python2-boost_parallel_mpi1_66_0-1.66.0-12.3.1.s390x.rpm libboost_mpi_python-py2_7-1_66_0-1.66.0-12.3.1.ppc64le.rpm libboost_mpi_python-py2_7-1_66_0-devel-1.66.0-12.3.1.ppc64le.rpm libboost_numpy-py2_7-1_66_0-1.66.0-12.3.1.ppc64le.rpm libboost_numpy-py2_7-1_66_0-devel-1.66.0-12.3.1.ppc64le.rpm libboost_python-py2_7-1_66_0-1.66.0-12.3.1.ppc64le.rpm libboost_python-py2_7-1_66_0-devel-1.66.0-12.3.1.ppc64le.rpm python2-boost_parallel_mpi1_66_0-1.66.0-12.3.1.ppc64le.rpm libboost_mpi_python-py2_7-1_66_0-1.66.0-12.3.1.aarch64.rpm libboost_mpi_python-py2_7-1_66_0-devel-1.66.0-12.3.1.aarch64.rpm libboost_numpy-py2_7-1_66_0-1.66.0-12.3.1.aarch64.rpm libboost_numpy-py2_7-1_66_0-devel-1.66.0-12.3.1.aarch64.rpm libboost_python-py2_7-1_66_0-1.66.0-12.3.1.aarch64.rpm libboost_python-py2_7-1_66_0-devel-1.66.0-12.3.1.aarch64.rpm python2-boost_parallel_mpi1_66_0-1.66.0-12.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-184 important SUSE Updates openSUSE-SLE 15.4 This update for json-c fixes the following issues: - CVE-2020-12762: Fixed integer overflow and out-of-bounds write. (bsc#1171479) json-c-0.13-3.3.1.src.rpm libjson-c-devel-0.13-3.3.1.x86_64.rpm libjson-c-doc-0.13-3.3.1.noarch.rpm libjson-c3-0.13-3.3.1.x86_64.rpm libjson-c3-32bit-0.13-3.3.1.x86_64.rpm libjson-c-devel-0.13-3.3.1.s390x.rpm libjson-c3-0.13-3.3.1.s390x.rpm libjson-c-devel-0.13-3.3.1.ppc64le.rpm libjson-c3-0.13-3.3.1.ppc64le.rpm libjson-c-devel-0.13-3.3.1.aarch64.rpm libjson-c3-0.13-3.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-222 moderate SUSE Updates openSUSE-SLE 15.4 This update for xrdp fixes the following issues: - Fix crash in xrdp-fate318398-change-expired-password.patch (bsc#1187258) libpainter0-0.9.13.1-4.12.1.x86_64.rpm librfxencode0-0.9.13.1-4.12.1.x86_64.rpm xrdp-0.9.13.1-4.12.1.src.rpm xrdp-0.9.13.1-4.12.1.x86_64.rpm xrdp-devel-0.9.13.1-4.12.1.x86_64.rpm libpainter0-0.9.13.1-4.12.1.s390x.rpm librfxencode0-0.9.13.1-4.12.1.s390x.rpm xrdp-0.9.13.1-4.12.1.s390x.rpm xrdp-devel-0.9.13.1-4.12.1.s390x.rpm libpainter0-0.9.13.1-4.12.1.ppc64le.rpm librfxencode0-0.9.13.1-4.12.1.ppc64le.rpm xrdp-0.9.13.1-4.12.1.ppc64le.rpm xrdp-devel-0.9.13.1-4.12.1.ppc64le.rpm libpainter0-0.9.13.1-4.12.1.aarch64.rpm librfxencode0-0.9.13.1-4.12.1.aarch64.rpm xrdp-0.9.13.1-4.12.1.aarch64.rpm xrdp-devel-0.9.13.1-4.12.1.aarch64.rpm openSUSE-SLE-15.4-2022-141 moderate SUSE Updates openSUSE-SLE 15.4 This update for permissions fixes the following issues: - Update to version 20181225: setuid bit for cockpit session binary (bsc#1169614). permissions-20181225-23.12.1.src.rpm permissions-20181225-23.12.1.x86_64.rpm permissions-zypp-plugin-20181225-23.12.1.noarch.rpm permissions-20181225-23.12.1.s390x.rpm permissions-20181225-23.12.1.ppc64le.rpm permissions-20181225-23.12.1.aarch64.rpm openSUSE-SLE-15.4-2022-210 low SUSE Updates openSUSE-SLE 15.4 This update for qemu fixes the following issues: - CVE-2020-13253: Fixed an OOB access that could crash the guest resulting in DoS (bsc#1172033) - CVE-2021-20196: Fixed null pointer dereference that may lead to guest crash (bsc#1181361). qemu-4.2.1-11.34.2.src.rpm qemu-s390-4.2.1-11.34.2.x86_64.rpm qemu-s390-4.2.1-11.34.2.s390x.rpm qemu-s390-4.2.1-11.34.2.ppc64le.rpm qemu-s390-4.2.1-11.34.2.aarch64.rpm openSUSE-SLE-15.4-2022-150 important SUSE Updates openSUSE-SLE 15.4 This update for aide fixes the following issues: - CVE-2021-45417: Fix a bufferoverflow in base64 functions (bsc#1194735) aide-0.16-24.1.src.rpm aide-0.16-24.1.x86_64.rpm aide-test-0.16-24.1.x86_64.rpm aide-0.16-24.1.s390x.rpm aide-test-0.16-24.1.s390x.rpm aide-0.16-24.1.ppc64le.rpm aide-test-0.16-24.1.ppc64le.rpm aide-0.16-24.1.aarch64.rpm aide-test-0.16-24.1.aarch64.rpm openSUSE-SLE-15.4-2022-493 important SUSE Updates openSUSE-SLE 15.4 This update for clamav fixes the following issues: - CVE-2022-20698: Fixed invalid pointer read allowing denial of service crash. (bsc#1194731) clamav-0.103.5-3.35.1.src.rpm clamav-0.103.5-3.35.1.x86_64.rpm clamav-devel-0.103.5-3.35.1.x86_64.rpm libclamav9-0.103.5-3.35.1.x86_64.rpm libfreshclam2-0.103.5-3.35.1.x86_64.rpm clamav-0.103.5-3.35.1.s390x.rpm clamav-devel-0.103.5-3.35.1.s390x.rpm libclamav9-0.103.5-3.35.1.s390x.rpm libfreshclam2-0.103.5-3.35.1.s390x.rpm clamav-0.103.5-3.35.1.ppc64le.rpm clamav-devel-0.103.5-3.35.1.ppc64le.rpm libclamav9-0.103.5-3.35.1.ppc64le.rpm libfreshclam2-0.103.5-3.35.1.ppc64le.rpm clamav-0.103.5-3.35.1.aarch64.rpm clamav-devel-0.103.5-3.35.1.aarch64.rpm libclamav9-0.103.5-3.35.1.aarch64.rpm libfreshclam2-0.103.5-3.35.1.aarch64.rpm openSUSE-SLE-15.4-2022-157 important SUSE Updates openSUSE-SLE 15.4 This update for zxing-cpp fixes the following issues: - CVE-2021-28021: Fixed buffer overflow vulnerability in function stbi__extend_receive in stb_image.h via a crafted JPEG file. (bsc#1191743). - CVE-2021-42715: Fixed buffer overflow in stb_image PNM loader (bsc#1191942). - CVE-2021-42716: Fixed denial of service in stb_image HDR loader when reading crafted HDR files (bsc#1191944). libZXing1-1.2.0-9.7.1.x86_64.rpm libZXing1-32bit-1.2.0-9.7.1.x86_64.rpm zxing-cpp-1.2.0-9.7.1.src.rpm zxing-cpp-devel-1.2.0-9.7.1.x86_64.rpm libZXing1-1.2.0-9.7.1.s390x.rpm zxing-cpp-devel-1.2.0-9.7.1.s390x.rpm libZXing1-1.2.0-9.7.1.ppc64le.rpm zxing-cpp-devel-1.2.0-9.7.1.ppc64le.rpm libZXing1-1.2.0-9.7.1.aarch64.rpm zxing-cpp-devel-1.2.0-9.7.1.aarch64.rpm openSUSE-SLE-15.4-2022-176 important SUSE Updates openSUSE-SLE 15.4 This update for unbound fixes the following issues: - CVE-2019-25031: Fixed configuration injection in create_unbound_ad_servers.sh upon a successful man-in-the-middle attack (bsc#1185382). - CVE-2019-25032: Fixed integer overflow in the regional allocator via regional_alloc (bsc#1185383). - CVE-2019-25033: Fixed integer overflow in the regional allocator via the ALIGN_UP macro (bsc#1185384). - CVE-2019-25034: Fixed integer overflow in sldns_str2wire_dname_buf_origin, leading to an out-of-bounds write (bsc#1185385). - CVE-2019-25035: Fixed out-of-bounds write in sldns_bget_token_par (bsc#1185386). - CVE-2019-25036: Fixed assertion failure and denial of service in synth_cname (bsc#1185387). - CVE-2019-25037: Fixed assertion failure and denial of service in dname_pkt_copy via an invalid packet (bsc#1185388). - CVE-2019-25038: Fixed integer overflow in a size calculation in dnscrypt/dnscrypt.c (bsc#1185389). - CVE-2019-25039: Fixed integer overflow in a size calculation in respip/respip.c (bsc#1185390). - CVE-2019-25040: Fixed infinite loop via a compressed name in dname_pkt_copy (bsc#1185391). - CVE-2019-25041: Fixed assertion failure via a compressed name in dname_pkt_copy (bsc#1185392). - CVE-2019-25042: Fixed out-of-bounds write via a compressed name in rdata_copy (bsc#1185393). - CVE-2020-28935: Fixed symbolic link traversal when writing PID file (bsc#1179191). libunbound2-1.6.8-10.6.1.x86_64.rpm unbound-1.6.8-10.6.1.src.rpm unbound-1.6.8-10.6.1.x86_64.rpm unbound-anchor-1.6.8-10.6.1.x86_64.rpm unbound-devel-1.6.8-10.6.1.x86_64.rpm unbound-munin-1.6.8-10.6.1.noarch.rpm unbound-python-1.6.8-10.6.1.x86_64.rpm libunbound2-1.6.8-10.6.1.s390x.rpm unbound-1.6.8-10.6.1.s390x.rpm unbound-anchor-1.6.8-10.6.1.s390x.rpm unbound-devel-1.6.8-10.6.1.s390x.rpm unbound-python-1.6.8-10.6.1.s390x.rpm libunbound2-1.6.8-10.6.1.ppc64le.rpm unbound-1.6.8-10.6.1.ppc64le.rpm unbound-anchor-1.6.8-10.6.1.ppc64le.rpm unbound-devel-1.6.8-10.6.1.ppc64le.rpm unbound-python-1.6.8-10.6.1.ppc64le.rpm libunbound2-1.6.8-10.6.1.aarch64.rpm unbound-1.6.8-10.6.1.aarch64.rpm unbound-anchor-1.6.8-10.6.1.aarch64.rpm unbound-devel-1.6.8-10.6.1.aarch64.rpm unbound-python-1.6.8-10.6.1.aarch64.rpm openSUSE-SLE-15.4-2022-226 important SUSE Updates openSUSE-SLE 15.4 This update for log4j12 fixes the following issues: - CVE-2022-23307: Fix deserialization issue by removing the chainsaw sub-package. (bsc#1194844) - CVE-2022-23305: Fix SQL injection by removing src/main/java/org/apache/log4j/jdbc/JDBCAppender.java. (bsc#1194843) - CVE-2022-23302: Fix remote code execution by removing src/main/java/org/apache/log4j/net/JMSSink.java. (bsc#1194842) log4j12-1.2.17-4.9.1.noarch.rpm log4j12-1.2.17-4.9.1.src.rpm log4j12-javadoc-1.2.17-4.9.1.noarch.rpm log4j12-manual-1.2.17-4.9.1.noarch.rpm openSUSE-SLE-15.4-2022-198 important SUSE Updates openSUSE-SLE 15.4 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0185: Incorrect param length parsing in legacy_parse_param which could have led to a local privilege escalation (bsc#1194517). - CVE-2022-0322: Fixed a denial of service in SCTP sctp_addto_chunk (bsc#1194985). - CVE-2021-4197: Fixed a cgroup issue where lower privileged processes could write to fds of lower privileged ones that could lead to privilege escalation (bsc#1194302). - CVE-2021-46283: nf_tables_newset in net/netfilter/nf_tables_api.c in the Linux kernel allowed local users to cause a denial of service (NULL pointer dereference and general protection fault) because of the missing initialization for nft_set_elem_expr_alloc. A local user can set a netfilter table expression in their own namespace (bnc#1194518). - CVE-2021-4135: Fixed an information leak in the nsim_bpf_map_alloc function (bsc#1193927). - CVE-2021-4202: Fixed a race condition during NFC device remove which could lead to a use-after-free memory corruption (bsc#1194529) - CVE-2021-4083: A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition. This flaw allowed a local user to crash the system or escalate their privileges on the system. This flaw affects Linux kernel versions prior to 5.16-rc4 (bnc#1193727). - CVE-2021-4149: Fixed a locking condition in btrfs which could lead to system deadlocks (bsc#1194001). - CVE-2021-45485: In the IPv6 implementation in net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses (bnc#1194094). - CVE-2021-45486: In the IPv4 implementation in net/ipv4/route.c has an information leak because the hash table is very small (bnc#1194087). The following non-security bugs were fixed: - ACPI: APD: Check for NULL pointer after calling devm_ioremap() (git-fixes). - ACPI: Add stubs for wakeup handler functions (git-fixes). - ACPI: scan: Create platform device for BCM4752 and LNV4752 ACPI nodes (git-fixes). - ALSA: PCM: Add missing rwsem around snd_ctl_remove() calls (git-fixes). - ALSA: ctl: Fix copy of updated id with element read/write (git-fixes). - ALSA: drivers: opl3: Fix incorrect use of vp->state (git-fixes). - ALSA: hda/hdmi: Disable silent stream on GLK (git-fixes). - ALSA: hda/realtek - Add headset Mic support for Lenovo ALC897 platform (git-fixes). - ALSA: hda/realtek - Fix silent output on Gigabyte X570 Aorus Master after reboot from Windows (git-fixes). - ALSA: hda/realtek: Add a quirk for HP OMEN 15 mute LED (git-fixes). - ALSA: hda/realtek: Add quirk for ASRock NUC Box 1100 (git-fixes). - ALSA: hda/realtek: Amp init fixup for HP ZBook 15 G6 (git-fixes). - ALSA: hda/realtek: Fix quirk for Clevo NJ51CU (git-fixes). - ALSA: hda/realtek: Fix quirk for TongFang PHxTxX1 (git-fixes). - ALSA: hda/realtek: Fixes HP Spectre x360 15-eb1xxx speakers (git-fixes). - ALSA: hda/realtek: Headset fixup for Clevo NH77HJQ (git-fixes). - ALSA: hda: Add missing rwsem around snd_ctl_remove() calls (git-fixes). - ALSA: hda: Make proper use of timecounter (git-fixes). - ALSA: jack: Add missing rwsem around snd_ctl_remove() calls (git-fixes). - ALSA: jack: Check the return value of kstrdup() (git-fixes). - ALSA: oss: fix compile error when OSS_DEBUG is enabled (git-fixes). - ALSA: pcm: oss: Fix negative period/buffer sizes (git-fixes). - ALSA: pcm: oss: Handle missing errors in snd_pcm_oss_change_params*() (git-fixes). - ALSA: pcm: oss: Limit the period size to 16MB (git-fixes). - ALSA: usb-audio: Drop superfluous '0' in Presonus Studio 1810c's ID (git-fixes). - ALSA: usb-audio: Line6 HX-Stomp XL USB_ID for 48k-fixed quirk (git-fixes). - ASoC: codecs: wcd934x: handle channel mappping list correctly (git-fixes). - ASoC: codecs: wcd934x: return correct value from mixer put (git-fixes). - ASoC: codecs: wcd934x: return error code correctly from hw_params (git-fixes). - ASoC: codecs: wsa881x: fix return values from kcontrol put (git-fixes). - ASoC: cs42l42: Correct configuring of switch inversion from ts-inv (git-fixes). - ASoC: cs42l42: Disable regulators if probe fails (git-fixes). - ASoC: cs42l42: Use device_property API instead of of_property (git-fixes). - ASoC: fsl_asrc: refine the check of available clock divider (git-fixes). - ASoC: fsl_mqs: fix MODULE_ALIAS (git-fixes). - ASoC: mediatek: Check for error clk pointer (git-fixes). - ASoC: meson: aiu: Move AIU_I2S_MISC hold setting to aiu-fifo-i2s (git-fixes). - ASoC: meson: aiu: fifo: Add missing dma_coerce_mask_and_coherent() (git-fixes). - ASoC: qdsp6: q6routing: Fix return value from msm_routing_put_audio_mixer (git-fixes). - ASoC: rt5663: Handle device_property_read_u32_array error codes (git-fixes). - ASoC: samsung: idma: Check of ioremap return value (git-fixes). - ASoC: soc-core: fix null-ptr-deref in snd_soc_del_component_unlocked() (git-fixes). - ASoC: sunxi: fix a sound binding broken reference (git-fixes). - ASoC: tegra: Fix kcontrol put callback in ADMAIF (git-fixes). - ASoC: tegra: Fix kcontrol put callback in AHUB (git-fixes). - ASoC: tegra: Fix kcontrol put callback in DMIC (git-fixes). - ASoC: tegra: Fix kcontrol put callback in DSPK (git-fixes). - ASoC: tegra: Fix kcontrol put callback in I2S (git-fixes). - ASoC: tegra: Fix wrong value type in ADMAIF (git-fixes). - ASoC: tegra: Fix wrong value type in DMIC (git-fixes). - ASoC: tegra: Fix wrong value type in DSPK (git-fixes). - ASoC: tegra: Fix wrong value type in I2S (git-fixes). - ASoC: uniphier: drop selecting non-existing SND_SOC_UNIPHIER_AIO_DMA (git-fixes). - Add cherry-picked IDs for qemu fw_cfg patches - Bluetooth: L2CAP: Fix using wrong mode (git-fixes). - Bluetooth: bfusb: fix division by zero in send path (git-fixes). - Bluetooth: btmtksdio: fix resume failure (git-fixes). - Bluetooth: btusb: fix memory leak in btusb_mtk_submit_wmt_recv_urb() (git-fixes). - Bluetooth: cmtp: fix possible panic when cmtp_init_sockets() fails (git-fixes). - Bluetooth: hci_bcm: Check for error irq (git-fixes). - Bluetooth: hci_qca: Stop IBS timer during BT OFF (git-fixes). - Bluetooth: stop proccessing malicious adv data (git-fixes). - Documentation: ACPI: Fix data node reference documentation (git-fixes). - Documentation: dmaengine: Correctly describe dmatest with channel unset (git-fixes). - Documentation: refer to config RANDOMIZE_BASE for kernel address-space randomization (git-fixes). - HID: add USB_HID dependancy to hid-chicony (git-fixes). - HID: add USB_HID dependancy to hid-prodikeys (git-fixes). - HID: asus: Add depends on USB_HID to HID_ASUS Kconfig option (git-fixes). - HID: bigbenff: prevent null pointer dereference (git-fixes). - HID: google: add eel USB id (git-fixes). - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_frame_init_v1_buttonpad (git-fixes). - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_get_str_desc (git-fixes). - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_huion_init (git-fixes). - HID: hid-uclogic-params: Invalid parameter check in uclogic_params_init (git-fixes). - HID: quirks: Add quirk for the Microsoft Surface 3 type-cover (git-fixes). - Input: appletouch - initialize work before device registration (git-fixes). - Input: atmel_mxt_ts - fix double free in mxt_read_info_block (git-fixes). - Input: elantech - fix stack out of bound access in elantech_change_report_id() (git-fixes). - Input: i8042 - add deferred probe support (bsc#1190256). - Input: i8042 - enable deferred probe quirk for ASUS UM325UA (bsc#1190256). - Input: max8925_onkey - do not mark comment as kernel-doc (git-fixes). - Input: spaceball - fix parsing of movement data packets (git-fixes). - Input: ti_am335x_tsc - fix STEPCONFIG setup for Z2 (git-fixes). - Input: ti_am335x_tsc - set ADCREFM for X configuration (git-fixes). - Move upstreamed patches into sorted section - NFC: st21nfca: Fix memory leak in device probe and remove (git-fixes). - NFSD: Fix zero-length NFSv3 WRITEs (git-fixes). - NFSv42: Do not fail clone() unless the OP_CLONE operation failed (git-fixes). - NFSv42: Fix pagecache invalidation after COPY/CLONE (git-fixes). - PCI/ACPI: Fix acpi_pci_osc_control_set() kernel-doc comment (git-fixes). - PCI/MSI: Clear PCI_MSIX_FLAGS_MASKALL on error (git-fixes). - PCI/MSI: Fix pci_irq_vector()/pci_irq_get_affinity() (git-fixes). - PCI/MSI: Mask MSI-X vectors only on success (git-fixes). - PCI: cadence: Add cdns_plat_pcie_probe() missing return (git-fixes). - PCI: dwc: Do not remap invalid res (git-fixes). - PCI: mvebu: Check for errors from pci_bridge_emul_init() call (git-fixes). - PCI: mvebu: Do not modify PCI IO type bits in conf_write (git-fixes). - PCI: mvebu: Fix support for DEVCAP2, DEVCTL2 and LNKCTL2 registers on emulated bridge (git-fixes). - PCI: mvebu: Fix support for PCI_EXP_DEVCTL on emulated bridge (git-fixes). - PCI: mvebu: Fix support for PCI_EXP_RTSTA on emulated bridge (git-fixes). - PCI: pci-bridge-emul: Properly mark reserved PCIe bits in PCI config space (git-fixes). - PCI: pci-bridge-emul: Set PCI_STATUS_CAP_LIST for PCIe device (git-fixes). - PCI: pciehp: Fix infinite loop in IRQ handler upon power fault (git-fixes). - PCI: xgene: Fix IB window setup (git-fixes). - PM: runtime: Defer suspending suppliers (git-fixes). - PM: sleep: Do not assume that "mem" is always present (git-fixes). - RDMA/hns: Replace kfree() with kvfree() (jsc#SLE-14777). - Revert "PM: sleep: Do not assume that "mem" is always present" (git-fixes). - Revert "USB: xhci: fix U1/U2 handling for hardware with XHCI_INTEL_HOST quirk set" (git-fixes). - Revert "net/mlx5: Add retry mechanism to the command entry index allocation" (jsc#SLE-15172). - USB: Fix "slab-out-of-bounds Write" bug in usb_hcd_poll_rh_status (git-fixes). - USB: NO_LPM quirk Lenovo Powered USB-C Travel Hub (git-fixes). - USB: NO_LPM quirk Lenovo USB-C to Ethernet Adapher(RTL8153-04) (git-fixes). - USB: cdc-acm: fix break reporting (git-fixes). - USB: cdc-acm: fix racy tty buffer accesses (git-fixes). - USB: chipidea: fix interrupt deadlock (git-fixes). - USB: core: Fix bug in resuming hub's handling of wakeup requests (git-fixes). - USB: gadget: bRequestType is a bitfield, not a enum (git-fixes). - USB: gadget: detect too-big endpoint 0 requests (git-fixes). - USB: gadget: zero allocate endpoint 0 buffers (git-fixes). - USB: serial: cp210x: fix CP2105 GPIO registration (git-fixes). - USB: serial: option: add Telit FN990 compositions (git-fixes). - Update patches.suse/tpm-fix-potential-NULL-pointer-access-in-tpm_del_cha.patch (git-fixes bsc#1193660 ltc#195634). - Updated mpi3mr entry in supported.conf (bsc#1194578 jsc#SLE-18120) Moving this driver into the "supported" package. - amd/display: downgrade validation failure log level (git-fixes). - ata: ahci: Add Green Sardine vendor ID as board_ahci_mobile (git-fixes). - atlantic: Fix buff_ring OOB in aq_ring_rx_clean (git-fixes). - ax25: NPD bug when detaching AX25 device (git-fixes). - backlight: qcom-wled: Fix off-by-one maximum with default num_strings (git-fixes). - backlight: qcom-wled: Override default length with qcom,enabled-strings (git-fixes). - backlight: qcom-wled: Pass number of elements to read to read_u32_array (git-fixes). - backlight: qcom-wled: Validate enabled string indices in DT (git-fixes). - batman-adv: mcast: do not send link-local multicast to mcast routers (git-fixes). - blk-cgroup: synchronize blkg creation against policy deactivation (bsc#1194584). - block/scsi-ioctl: Fix kernel-infoleak in scsi_put_cdrom_generic_arg() (git-fixes). - block: fix ioprio_get(IOPRIO_WHO_PGRP) vs setuid(2) (bsc#1194586). - can: gs_usb: fix use of uninitialized variable, detach device on reception of invalid USB data (git-fixes). - can: gs_usb: gs_can_start_xmit(): zero-initialize hf->{flags,reserved} (git-fixes). - can: kvaser_usb: get CAN clock frequency from device (git-fixes). - can: sja1000: fix use after free in ems_pcmcia_add_card() (git-fixes). - can: softing: softing_startstop(): fix set but not used variable warning (git-fixes). - can: softing_cs: softingcs_probe(): fix memleak on registration failure (git-fixes). - can: usb_8dev: remove unused member echo_skb from struct usb_8dev_priv (git-fixes). - can: xilinx_can: xcan_probe(): check for error irq (git-fixes). - char/mwave: Adjust io port register size (git-fixes). - clk: Do not parent clks until the parent is fully registered (git-fixes). - clk: Gemini: fix struct name in kernel-doc (git-fixes). - clk: bcm-2835: Pick the closest clock rate (git-fixes). - clk: bcm-2835: Remove rounding up the dividers (git-fixes). - clk: imx8mn: Fix imx8mn_clko1_sels (git-fixes). - clk: imx: pllv1: fix kernel-doc notation for struct clk_pllv1 (git-fixes). - clk: qcom: gcc-msm8996: Drop (again) gcc_aggre1_pnoc_ahb_clk (git-fixes). - clk: qcom: regmap-mux: fix parent clock lookup (git-fixes). - clk: stm32: Fix ltdc's clock turn off by clk_disable_unused() after system enter shell (git-fixes). - crypto: caam - replace this_cpu_ptr with raw_cpu_ptr (git-fixes). - crypto: mxs-dcp - Use sg_mapping_iter to copy data (git-fixes). - crypto: omap-sham - clear dma flags only after omap_sham_update_dma_stop() (git-fixes). - crypto: qat - do not ignore errors from enable_vf2pf_comms() (git-fixes). - crypto: qat - fix reuse of completion variable (git-fixes). - crypto: qat - handle both source of interrupt in VF ISR (git-fixes). - crypto: qce - fix uaf on qce_ahash_register_one (git-fixes). - crypto: stm32/crc32 - Fix kernel BUG triggered in probe() (git-fixes). - crypto: stm32/cryp - fix double pm exit (git-fixes). - crypto: stm32/cryp - fix lrw chaining mode (git-fixes). - crypto: stm32/cryp - fix xts and race condition in crypto_engine requests (git-fixes). - debugfs: lockdown: Allow reading debugfs files that are not world readable (bsc#1193328 ltc#195566). - device property: Fix documentation for FWNODE_GRAPH_DEVICE_DISABLED (git-fixes). - dm crypt: document encrypted keyring key option (git-fixes). - dm writecache: add "cleaner" and "max_age" to Documentation (git-fixes). - dm writecache: advance the number of arguments when reporting max_age (git-fixes). - dm writecache: fix performance degradation in ssd mode (git-fixes). - dm writecache: flush origin device when writing and cache is full (git-fixes). - dma_fence_array: Fix PENDING_ERROR leak in dma_fence_array_signaled() (git-fixes). - dmaengine: at_xdmac: Do not start transactions at tx_submit level (git-fixes). - dmaengine: at_xdmac: Fix at_xdmac_lld struct definition (git-fixes). - dmaengine: at_xdmac: Fix concurrency over xfers_list (git-fixes). - dmaengine: at_xdmac: Fix lld view setting (git-fixes). - dmaengine: at_xdmac: Print debug message after realeasing the lock (git-fixes). - dmaengine: bestcomm: fix system boot lockups (git-fixes). - dmaengine: idxd: add module parameter to force disable of SVA (bsc#1192931). - dmaengine: idxd: enable SVA feature for IOMMU (bsc#1192931). - dmaengine: pxa/mmp: stop referencing config->slave_id (git-fixes). - dmaengine: st_fdma: fix MODULE_ALIAS (git-fixes). - drm/amd/amdgpu: Increase HWIP_MAX_INSTANCE to 10 (git-fixes). - drm/amd/display: Fix for the no Audio bug with Tiled Displays (git-fixes). - drm/amd/display: Update bounding box states (v2) (git-fixes). - drm/amd/display: Update number of DCN3 clock states (git-fixes). - drm/amd/display: add connector type check for CRC source set (git-fixes). - drm/amd/display: dcn20_resource_construct reduce scope of FPU enabled (git-fixes). - drm/amd/display: fix incorrect CM/TF programming sequence in dwb (git-fixes). - drm/amd/display: fix missing writeback disablement if plane is removed (git-fixes). - drm/amdgpu: Fix a NULL pointer dereference in amdgpu_connector_lcd_native_mode() (git-fixes). - drm/amdgpu: Fix a printing message (git-fixes). - drm/amdgpu: Fix amdgpu_ras_eeprom_init() (git-fixes). - drm/amdgpu: correct register access for RLC_JUMP_TABLE_RESTORE (git-fixes). - drm/amdgpu: revert "Add autodump debugfs node for gpu reset v8" (git-fixes). - drm/amdkfd: Account for SH/SE count when setting up cu masks (git-fixes). - drm/amdkfd: Check for null pointer after calling kmemdup (git-fixes). - drm/ast: potential dereference of null pointer (git-fixes). - drm/atomic: Check new_crtc_state->active to determine if CRTC needs disable in self refresh mode (git-fixes). - drm/bridge: analogix_dp: Make PSR-exit block less (git-fixes). - drm/bridge: display-connector: fix an uninitialized pointer in probe() (git-fixes). - drm/bridge: nwl-dsi: Avoid potential multiplication overflow on 32-bit (git-fixes). - drm/bridge: ti-sn65dsi86: Set max register for regmap (git-fixes). - drm/display: fix possible null-pointer dereference in dcn10_set_clock() (git-fixes). - drm/exynos: Always initialize mapping in exynos_drm_register_dma() (git-fixes). - drm/i915/fb: Fix rounding error in subsampled plane size calculation (git-fixes). - drm/i915: Avoid bitwise vs logical OR warning in snb_wm_latency_quirk() (git-fixes). - drm/mediatek: Check plane visibility in atomic_update (git-fixes). - drm/msm/dpu: fix safe status debugfs file (git-fixes). - drm/msm/dsi: Fix DSI and DSI PHY regulator config from SDM660 (git-fixes). - drm/msm/dsi: set default num_data_lanes (git-fixes). - drm/msm/mdp5: fix cursor-related warnings (git-fixes). - drm/msm: mdp4: drop vblank get/put from prepare/complete_commit (git-fixes). - drm/msm: prevent NULL dereference in msm_gpu_crashstate_capture() (git-fixes). - drm/panel: innolux-p079zca: Delete panel on attach() failure (git-fixes). - drm/panel: kingdisplay-kd097d04: Delete panel on attach() failure (git-fixes). - drm/radeon/radeon_kms: Fix a NULL pointer dereference in radeon_driver_open_kms() (git-fixes). - drm/rockchip: dsi: Disable PLL clock on bind error (git-fixes). - drm/rockchip: dsi: Fix unbalanced clock on probe error (git-fixes). - drm/rockchip: dsi: Hold pm-runtime across bind/unbind (git-fixes). - drm/rockchip: dsi: Reconfigure hardware on resume() (git-fixes). - drm/sun4i: dw-hdmi: Fix missing put_device() call in sun8i_hdmi_phy_get (git-fixes). - drm/sun4i: fix unmet dependency on RESET_CONTROLLER for PHY_SUN6I_MIPI_DPHY (git-fixes). - drm/syncobj: Deal with signalled fences in drm_syncobj_find_fence (git-fixes). - drm/tegra: vic: Fix DMA API misuse (git-fixes). - drm/vboxvideo: fix a NULL vs IS_ERR() check (git-fixes). - drm/vc4: hdmi: Make sure the controller is powered up during bind (git-fixes). - drm/vc4: hdmi: Set HD_CTL_WHOLSMP and HD_CTL_CHALIGN_SET (git-fixes). - drm/vc4: hdmi: Set a default HSM rate (git-fixes). - drm: fix null-ptr-deref in drm_dev_init_release() (git-fixes). - drm: xlnx: zynqmp: release reset to DP controller before accessing DP registers (git-fixes). - drm: xlnx: zynqmp_dpsub: Call pm_runtime_get_sync before setting pixel clock (git-fixes). - eeprom: idt_89hpesx: Put fwnode in matching case during ->probe() (git-fixes). - eeprom: idt_89hpesx: Restore printing the unsupported fwnode name (git-fixes). - ext4: Avoid trim error on fs with small groups (bsc#1191271). - ext4: fix lazy initialization next schedule time computation in more granular unit (bsc#1194580). - fget: clarify and improve __fget_files() implementation (bsc#1193727). - firmware: Update Kconfig help text for Google firmware (git-fixes). - firmware: arm_scmi: pm: Propagate return value to caller (git-fixes). - firmware: arm_scpi: Fix string overflow in SCPI genpd driver (git-fixes). - firmware: qcom_scm: Fix error retval in __qcom_scm_is_call_available() (git-fixes). - firmware: qemu_fw_cfg: fix NULL-pointer deref on duplicate entries (git-fixes). - firmware: qemu_fw_cfg: fix kobject leak in probe error path (git-fixes). - firmware: qemu_fw_cfg: fix sysfs information leak (git-fixes). - firmware: raspberrypi: Fix a leak in 'rpi_firmware_get()' (git-fixes). - firmware: smccc: Fix check for ARCH_SOC_ID not implemented (git-fixes). - firmware: tegra: Fix error application of sizeof() to pointer (git-fixes). - firmware: tegra: Reduce stack usage (git-fixes). - firmware_loader: fix pre-allocated buf built-in firmware use (git-fixes). - floppy: Fix hang in watchdog when disk is ejected (git-fixes). - flow_offload: return EOPNOTSUPP for the unsupported mpls action type (bsc#1154353). - fuse: Pass correct lend value to filemap_write_and_wait_range() (bsc#1194953). - gpiolib: acpi: Make set-debounce-timeout failures non fatal (git-fixes). - gpu: host1x: Add back arm_iommu_detach_device() (git-fixes). - hwmon: (lm90) Add basic support for TI TMP461 (git-fixes). - hwmon: (lm90) Add max6654 support to lm90 driver (git-fixes). - hwmon: (lm90) Do not report 'busy' status bit as alarm (git-fixes). - hwmon: (lm90) Drop critical attribute support for MAX6654 (git-fixes). - hwmon: (lm90) Fix usage of CONFIG2 register in detect function (git-fixes). - hwmon: (lm90) Introduce flag indicating extended temperature support (git-fixes). - i2c: rk3x: Handle a spurious start completion interrupt flag (git-fixes). - i2c: validate user data in compat ioctl (git-fixes). - i3c: fix incorrect address slot lookup on 64-bit (git-fixes). - i3c: master: dw: check return of dw_i3c_master_get_free_pos() (git-fixes). - i40e: Fix NULL pointer dereference in i40e_dbg_dump_desc (git-fixes). - i40e: Fix for displaying message regarding NVM version (git-fixes). - i40e: Fix incorrect netdev's real number of RX/TX queues (git-fixes). - i40e: Fix to not show opcode msg on unsuccessful VF MAC change (git-fixes). - i40e: fix use-after-free in i40e_sync_filters_subtask() (git-fixes). - iavf: Fix limit of total number of queues to active queues of VF (git-fixes). - iavf: restore MSI state on reset (git-fixes). - ieee802154: atusb: fix uninit value in atusb_set_extended_addr (git-fixes). - ieee802154: fix error return code in ieee802154_llsec_getparams() (git-fixes). - ieee802154: fix error return code in ieee802154_add_iface() (git-fixes). - ieee802154: hwsim: Fix memory leak in hwsim_add_one (git-fixes). - ieee802154: hwsim: Fix possible memory leak in hwsim_subscribe_all_others (git-fixes). - ieee802154: hwsim: avoid possible crash in hwsim_del_edge_nl() (git-fixes). - ieee802154: hwsim: fix GPF in hwsim_set_edge_lqi (git-fixes). - igb: Fix removal of unicast MAC filters of VFs (git-fixes). - igbvf: fix double free in `igbvf_probe` (git-fixes). - igc: Fix typo in i225 LTR functions (jsc#SLE-13533). - iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove (git-fixes). - iio: ad7768-1: Call iio_trigger_notify_done() on error (git-fixes). - iio: adc: axp20x_adc: fix charging current reporting on AXP22x (git-fixes). - iio: at91-sama5d2: Fix incorrect sign extension (git-fixes). - iio: dln2-adc: Fix lockdep complaint (git-fixes). - iio: dln2: Check return value of devm_iio_trigger_register() (git-fixes). - iio: itg3200: Call iio_trigger_notify_done() on error (git-fixes). - iio: kxsd9: Do not return error code in trigger handler (git-fixes). - iio: ltr501: Do not return error code in trigger handler (git-fixes). - iio: mma8452: Fix trigger reference couting (git-fixes). - iio: stk3310: Do not return error code in interrupt handler (git-fixes). - iio: trigger: Fix reference counting (git-fixes). - iio: trigger: stm32-timer: fix MODULE_ALIAS (git-fixes). - ionic: Initialize the 'lif->dbid_inuse' bitmap (bsc#1167773). - isofs: Fix out of bound access for corrupted isofs image (bsc#1194591). - iwlwifi: fw: correctly limit to monitor dump (git-fixes). - iwlwifi: mvm: Fix scan channel flags settings (git-fixes). - iwlwifi: mvm: Use div_s64 instead of do_div in iwl_mvm_ftm_rtt_smoothing() (git-fixes). - iwlwifi: mvm: avoid static queue number aliasing (git-fixes). - iwlwifi: mvm: disable RX-diversity in powersave (git-fixes). - iwlwifi: mvm: fix 32-bit build in FTM (git-fixes). - iwlwifi: mvm: fix access to BSS elements (git-fixes). - iwlwifi: mvm: test roc running status bits before removing the sta (git-fixes). - iwlwifi: pcie: free RBs during configure (git-fixes). - ixgbe: set X550 MDIO speed before talking to PHY (git-fixes). - kmod: make request_module() return an error when autoloading is disabled (git-fixes). - kobject: Restore old behaviour of kobject_del(NULL) (git-fixes). - kobject_uevent: remove warning in init_uevent_argv() (git-fixes). - kprobes: Limit max data_size of the kretprobe instances (bsc#1193669). - libata: add horkage for ASMedia 1092 (git-fixes). - libata: if T_LENGTH is zero, dma direction should be DMA_NONE (git-fixes). - livepatch: Avoid CPU hogging with cond_resched (bsc#1071995). - lockdown: Allow unprivileged users to see lockdown status (git-fixes). - mISDN: change function names to avoid conflicts (git-fixes). - mac80211: Fix monitor MTU limit so that A-MSDUs get through (git-fixes). - mac80211: agg-tx: do not schedule_and_wake_txq() under sta->lock (git-fixes). - mac80211: do not access the IV when it was stripped (git-fixes). - mac80211: fix lookup when adding AddBA extension element (git-fixes). - mac80211: fix regression in SSN handling of addba tx (git-fixes). - mac80211: initialize variable have_higher_than_11mbit (git-fixes). - mac80211: mark TX-during-stop for TX in in_reconfig (git-fixes). - mac80211: send ADDBA requests using the tid/queue of the aggregation session (git-fixes). - mac80211: track only QoS data frames for admission control (git-fixes). - mac80211: validate extended element ID is present (git-fixes). - mailbox: hi3660: convert struct comments to kernel-doc notation (git-fixes). - media: Revert "media: uvcvideo: Set unique vdev name based in type" (bsc#1193255). - media: aspeed: Update signal status immediately to ensure sane hw state (git-fixes). - media: aspeed: fix mode-detect always time out at 2nd run (git-fixes). - media: cpia2: fix control-message timeouts (git-fixes). - media: dib0700: fix undefined behavior in tuner shutdown (git-fixes). - media: dib8000: Fix a memleak in dib8000_init() (git-fixes). - media: dmxdev: fix UAF when dvb_register_device() fails (git-fixes). - media: dw2102: Fix use after free (git-fixes). - media: em28xx: fix control-message timeouts (git-fixes). - media: em28xx: fix memory leak in em28xx_init_dev (git-fixes). - media: flexcop-usb: fix control-message timeouts (git-fixes). - media: hantro: Fix probe func error path (git-fixes). - media: i2c: imx274: fix trivial typo expsoure/exposure (git-fixes). - media: i2c: imx274: fix trivial typo obainted/obtained (git-fixes). - media: imx-pxp: Initialize the spinlock prior to using it (git-fixes). - media: mceusb: fix control-message timeouts (git-fixes). - media: msi001: fix possible null-ptr-deref in msi001_probe() (git-fixes). - media: mtk-vcodec: call v4l2_m2m_ctx_release first when file is released (git-fixes). - media: pvrusb2: fix control-message timeouts (git-fixes). - media: rcar-csi2: Correct the selection of hsfreqrange (git-fixes). - media: rcar-csi2: Optimize the selection PHTW register (git-fixes). - media: redrat3: fix control-message timeouts (git-fixes). - media: s2255: fix control-message timeouts (git-fixes). - media: saa7146: mxb: Fix a NULL pointer dereference in mxb_attach() (git-fixes). - media: si2157: Fix "warm" tuner state detection (git-fixes). - media: si470x-i2c: fix possible memory leak in si470x_i2c_probe() (git-fixes). - media: stk1160: fix control-message timeouts (git-fixes). - media: streamzap: remove unnecessary ir_raw_event_reset and handle (git-fixes). - media: uvcvideo: fix division by zero at stream start (git-fixes). - media: venus: core: Fix a resource leak in the error handling path of 'venus_probe()' (git-fixes). - memblock: ensure there is no overflow in memblock_overlaps_region() (git-fixes). - memory: emif: Remove bogus debugfs error handling (git-fixes). - mfd: intel-lpss: Fix too early PM enablement in the ACPI ->probe() (git-fixes). - misc: fastrpc: Add missing lock before accessing find_vma() (git-fixes). - misc: fastrpc: fix improper packet size calculation (git-fixes). - misc: lattice-ecp3-config: Fix task hung when firmware load failed (git-fixes). - mmc: meson-mx-sdio: add IRQ check (git-fixes). - mmc: sdhci-esdhc-imx: clear the buffer_read_ready to reset standard tuning circuit (git-fixes). - mmc: sdhci-esdhc-imx: disable CMDQ support (git-fixes). - mmc: sdhci-pci: Add PCI ID for Intel ADL (git-fixes). - mmc: sdhci-tegra: Fix switch to HS400ES mode (git-fixes). - move to "mainline soon" section: - patches.suse/0001-mmc-moxart_remove-Fix-UAF.patch - moxart: fix potential use-after-free on remove path (bsc#1194516). - mt76: mt7915: fix NULL pointer dereference in mt7915_get_phy_mode (git-fixes). - mt76: mt7915: fix an off-by-one bound check (git-fixes). - mtd: rawnand: fsmc: Fix timing computation (git-fixes). - mtd: rawnand: fsmc: Take instruction delay into account (git-fixes). - mtd: rawnand: mpc5121: Remove unused variable in ads5121_select_chip() (git-fixes). - mtd: spi-nor: hisi-sfc: Remove excessive clk_disable_unprepare() (git-fixes). - mwifiex: Fix possible ABBA deadlock (git-fixes). - mwifiex: Try waking the firmware until we get an interrupt (git-fixes). - net/mlx5: DR, Fix NULL vs IS_ERR checking in dr_domain_init_resources (jsc#SLE-8464). - net/mlx5: Set command entry semaphore up once got index free (jsc#SLE-15172). - net/mlx5e: Fix wrong features assignment in case of error (git-fixes). - net/mlx5e: Wrap the tx reporter dump callback to extract the sq (jsc#SLE-15172). - net/sched: fq_pie: prevent dismantle issue (jsc#SLE-15172). - net/sched: sch_ets: do not remove idle classes from the round-robin list (bsc#1176774). - net: create netdev->dev_addr assignment helpers (git-fixes). - net: ena: Fix error handling when calculating max IO queues number (bsc#1154492). - net: ena: Fix undefined state when tx request id is out of bounds (bsc#1154492). - net: ena: Fix wrong rx request id by resetting device (git-fixes). - net: hns3: fix use-after-free bug in hclgevf_send_mbx_msg (jsc#SLE-14777). - net: usb: lan78xx: add Allied Telesis AT29M2-AF (git-fixes). - net: usb: pegasus: Do not drop long Ethernet frames (git-fixes). - netfilter: nft_set_pipapo: allocate pcpu scratch maps on clone (bsc#1176447). - nfc: fix potential NULL pointer deref in nfc_genl_dump_ses_done (git-fixes). - nfc: fix segfault in nfc_genl_dump_devices_done (git-fixes). - nfsd: Fix nsfd startup race (again) (git-fixes). - nft_set_pipapo: Fix bucket load in AVX2 lookup routine for six 8-bit groups (bsc#1176447). - nvme-tcp: block BH in sk state_change sk callback (git-fixes). - nvme-tcp: can't set sk_user_data without write_lock (git-fixes). - nvme-tcp: check sgl supported by target (git-fixes). - nvme-tcp: do not update queue count when failing to set io queues (git-fixes). - nvme-tcp: fix a NULL deref when receiving a 0-length r2t PDU (git-fixes). - nvme-tcp: fix crash triggered with a dataless request submission (git-fixes). - nvme-tcp: fix error codes in nvme_tcp_setup_ctrl() (git-fixes). - nvme-tcp: fix io_work priority inversion (git-fixes). - nvme-tcp: fix possible data corruption with bio merges (git-fixes). - nvme-tcp: fix possible req->offset corruption (git-fixes). - nvme-tcp: fix wrong setting of request iov_iter (git-fixes). - nvme-tcp: get rid of unused helper function (git-fixes). - nvme-tcp: pair send_mutex init with destroy (git-fixes). - nvme-tcp: pass multipage bvec to request iov_iter (git-fixes). - nvme-tcp: remove incorrect Kconfig dep in BLK_DEV_NVME (git-fixes). - pcmcia: fix setting of kthread task states (git-fixes). - pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in __nonstatic_find_io_region() (git-fixes). - pcmcia: rsrc_nonstatic: Fix a NULL pointer dereference in nonstatic_find_mem_region() (git-fixes). - pcnet32: Use pci_resource_len to validate PCI resource (git-fixes). - pinctrl: mediatek: fix global-out-of-bounds issue (git-fixes). - pinctrl: qcom: spmi-gpio: correct parent irqspec translation (git-fixes). - pinctrl: stm32: consider the GPIO offset to expose all the GPIO lines (git-fixes). - pinctrl: stm32: use valid pin identifier in stm32_pinctrl_resume() (git-fixes). - pipe: increase minimum default pipe size to 2 pages (bsc#1194587). - platform/x86: apple-gmux: use resource_size() with res (git-fixes). - platform/x86: thinkpad_acpi: Fix WWAN device disabled issue after S3 deep (git-fixes). - power: reset: ltc2952: Fix use of floating point literals (git-fixes). - power: supply: core: Break capacity loop (git-fixes). - power: supply: max17042_battery: Clear status bits in interrupt handler (git-fixes). - powerpc/64s: fix program check interrupt emergency stack path (bsc#1156395). - powerpc/fadump: Fix inaccurate CPU state info in vmcore generated with panic (bsc#1193901 ltc#194976). - powerpc/perf: Fix PMU callbacks to clear pending PMI before resetting an overflown PMC (bsc#1156395). - powerpc/perf: Fix data source encodings for L2.1 and L3.1 accesses (bsc#1065729). - powerpc/prom_init: Fix improper check of prom_getprop() (bsc#1065729). - powerpc/pseries/cpuhp: cache node corrections (bsc#1065729). - powerpc/pseries/cpuhp: delete add/remove_by_count code (bsc#1065729). - powerpc/pseries/mobility: ignore ibm, platform-facilities updates (bsc#1065729). - powerpc/traps: do not enable irqs in _exception (bsc#1065729). - powerpc/xive: Add missing null check after calling kmalloc (bsc#1177437 ltc#188522 jsc#SLE-13294 git-fixes). - powerpc: add interrupt_cond_local_irq_enable helper (bsc#1065729). - powerpc: handle kdump appropriately with crash_kexec_post_notifiers option (bsc#1193901 ltc#194976). - pwm: mxs: Do not modify HW state in .probe() after the PWM chip was registered (git-fixes). - pwm: tiecap: Drop .free() callback (git-fixes). - qlcnic: potential dereference null pointer of rx_queue->page_ring (git-fixes). - quota: check block number when reading the block in quota file (bsc#1194589). - quota: correct error number in free_dqentry() (bsc#1194590). - random: fix data race on crng init time (git-fixes). - random: fix data race on crng_node_pool (git-fixes). - regmap: Call regmap_debugfs_exit() prior to _init() (git-fixes). - rndis_host: support Hytera digital radios (git-fixes). - rpmsg: core: Clean up resources on announce_create failure (git-fixes). - rtl8xxxu: Fix the handling of TX A-MPDU aggregation (git-fixes). - rtlwifi: rtl8192cu: Fix WARNING when calling local_irq_restore() with interrupts enabled (git-fixes). - rtw88: use read_poll_timeout instead of fixed sleep (git-fixes). - rtw88: wow: build wow function only if CONFIG_PM is on (git-fixes). - rtw88: wow: fix size access error of probe request (git-fixes). - sata: nv: fix debug format string mismatch (git-fixes). - scsi: lpfc: Add additional debugfs support for CMF (bsc#1194266). - scsi: lpfc: Adjust CMF total bytes and rxmonitor (bsc#1194266). - scsi: lpfc: Cap CMF read bytes to MBPI (bsc#1194266). - scsi: lpfc: Change return code on I/Os received during link bounce (bsc#1194266). - scsi: lpfc: Fix NPIV port deletion crash (bsc#1194266). - scsi: lpfc: Fix leaked lpfc_dmabuf mbox allocations with NPIV (bsc#1194266). - scsi: lpfc: Fix lpfc_force_rscn ndlp kref imbalance (bsc#1194266). - scsi: lpfc: Trigger SLI4 firmware dump before doing driver cleanup (bsc#1194266). - scsi: lpfc: Update lpfc version to 14.0.0.4 (bsc#1194266). - scsi: qla2xxx: Fix mailbox direction flags in qla2xxx_get_adapter_id() (git-fixes). - scsi: qla2xxx: Format log strings only if needed (git-fixes). - scsi: qla2xxx: edif: Fix EDIF bsg (git-fixes). - scsi: qla2xxx: edif: Fix app start delay (git-fixes). - scsi: qla2xxx: edif: Fix app start fail (git-fixes). - scsi: qla2xxx: edif: Fix off by one bug in qla_edif_app_getfcinfo() (git-fixes). - scsi: qla2xxx: edif: Flush stale events and msgs on session down (git-fixes). - scsi: qla2xxx: edif: Increase ELS payload (git-fixes). - select: Fix indefinitely sleeping task in poll_schedule_timeout() (bsc#1194027). - selftests: KVM: Explicitly use movq to read xmm registers (git-fixes). - selinux: fix potential memleak in selinux_add_opt() (git-fixes). - seq_buf: Fix overflow in seq_buf_putmem_hex() (git-fixes). - seq_buf: Make trace_seq_putmem_hex() support data longer than 8 (git-fixes). - serial: pl011: Add ACPI SBSA UART match id (git-fixes). - serial: tty: uartlite: fix console setup (git-fixes). - sfc: Check null pointer of rx_queue->page_ring (git-fixes). - sfc: The RX page_ring is optional (git-fixes). - sfc: falcon: Check null pointer of rx_queue->page_ring (git-fixes). - sfc_ef100: potential dereference of null pointer (jsc#SLE-16683). - shmem: shmem_writepage() split unlikely i915 THP (git-fixes). - slimbus: qcom: fix potential NULL dereference in qcom_slim_prg_slew() (git-fixes). - soc/tegra: fuse: Fix bitwise vs. logical OR warning (git-fixes). - soc: fsl: dpaa2-console: free buffer before returning from dpaa2_console_read (git-fixes). - soc: fsl: dpio: rename the enqueue descriptor variable (git-fixes). - soc: fsl: dpio: replace smp_processor_id with raw_smp_processor_id (git-fixes). - soc: fsl: dpio: use an explicit NULL instead of 0 (git-fixes). - soc: fsl: dpio: use the combined functions to protect critical zone (git-fixes). - spi: change clk_disable_unprepare to clk_unprepare (git-fixes). - spi: spi-meson-spifc: Add missing pm_runtime_disable() in meson_spifc_probe (git-fixes). - spi: spi-rspi: Drop redeclaring ret variable in qspi_transfer_in() (git-fixes). - staging: emxx_udc: Fix passing of NULL to dma_alloc_coherent() (git-fixes). - staging: fbtft: Do not spam logs when probe is deferred (git-fixes). - staging: fbtft: Rectify GPIO handling (git-fixes). - staging: fieldbus: anybuss: jump to correct label in an error path (git-fixes). - staging: ks7010: select CRYPTO_HASH/CRYPTO_MICHAEL_MIC (git-fixes). - staging: rtl8192e: return error code from rtllib_softmac_init() (git-fixes). - staging: rtl8192e: rtllib_module: fix error handle case in alloc_rtllib() (git-fixes). - staging: wlan-ng: Avoid bitwise vs logical OR warning in hfa384x_usb_throttlefn() (git-fixes). - string.h: fix incompatibility between FORTIFY_SOURCE and KASAN (git-fixes). - thermal/drivers/imx8mm: Enable ADC when enabling monitor (git-fixes). - thermal/drivers/int340x: Do not set a wrong tcc offset on resume (git-fixes). - thermal: core: Reset previous low and high trip during thermal zone init (git-fixes). - tpm: add request_locality before write TPM_INT_ENABLE (git-fixes). - tpm: fix potential NULL pointer access in tpm_del_char_device (git-fixes). - tracing/kprobes: 'nmissed' not showed correctly for kretprobe (git-fixes). - tracing/uprobes: Check the return value of kstrdup() for tu->filename (git-fixes). - tracing: Add test for user space strings when filtering on string pointers (git-fixes). - tracing: Fix check for trace_percpu_buffer validity in get_trace_buf() (git-fixes). - tty: max310x: fix flexible_array.cocci warnings (git-fixes). - tty: serial: atmel: Call dma_async_issue_pending() (git-fixes). - tty: serial: atmel: Check return code of dmaengine_submit() (git-fixes). - tty: serial: earlycon dependency (git-fixes). - tty: serial: qcom_geni_serial: Drop __init from qcom_geni_console_setup (git-fixes). - tty: serial: uartlite: allow 64 bit address (git-fixes). - tty: synclink_gt: rename a conflicting function name (git-fixes). - udf: Fix crash after seekdir (bsc#1194592). - uio: uio_dmem_genirq: Catch the Exception (git-fixes). - usb: core: config: fix validation of wMaxPacketValue entries (git-fixes). - usb: core: config: using bit mask instead of individual bits (git-fixes). - usb: dwc2: check return value after calling platform_get_resource() (git-fixes). - usb: dwc3: gadget: Continue to process pending requests (git-fixes). - usb: dwc3: gadget: Ignore EP queue requests during bus reset (git-fixes). - usb: dwc3: gadget: Reclaim extra TRBs after request completion (git-fixes). - usb: dwc3: pci: Enable dis_uX_susphy_quirk for Intel Merrifield (git-fixes). - usb: dwc3: ulpi: Fix USB2.0 HS/FS/LS PHY suspend regression (git-fixes). - usb: dwc3: ulpi: Replace CPU-based busyloop with Protocol-based one (git-fixes). - usb: dwc3: ulpi: fix checkpatch warning (git-fixes). - usb: ftdi-elan: fix memory leak on device disconnect (git-fixes). - usb: gadget: composite: Allow bMaxPower=0 if self-powered (git-fixes). - usb: gadget: f_fs: Clear ffs_eventfd in ffs_data_clear (git-fixes). - usb: gadget: u_ether: fix race in setting MAC address in setup phase (git-fixes). - usb: mtu3: add memory barrier before set GPD's HWO (git-fixes). - usb: mtu3: fix interval value for intr and isoc (git-fixes). - usb: mtu3: fix list_head check warning (git-fixes). - usb: mtu3: set interval of FS intr and isoc endpoint (git-fixes). - usb: typec: tcpm: handle SRC_STARTUP state if cc changes (git-fixes). - usb: xhci: Extend support for runtime power management for AMD's Yellow carp (git-fixes). - usermodehelper: reset umask to default before executing user process (git-fixes). - vfs: check fd has read access in kernel_read_file_from_fd() (bsc#1194888). - video: backlight: Drop maximum brightness override for brightness zero (git-fixes). - watchdog: Fix OMAP watchdog early handling (git-fixes). - watchdog: f71808e_wdt: fix inaccurate report in WDIOC_GETTIMEOUT (git-fixes). - wcn36xx: Fix missing frame timestamp for beacon/probe-resp (git-fixes). - wcn36xx: Indicate beacon not connection loss on MISSED_BEACON_IND (git-fixes). - wcn36xx: Release DMA channel descriptor allocations (git-fixes). - wcn36xx: handle connection loss indication (git-fixes). - wireguard: allowedips: add missing __rcu annotation to satisfy sparse (git-fixes). - wireguard: device: reset peer src endpoint when netns exits (git-fixes). - wireguard: ratelimiter: use kvcalloc() instead of kvzalloc() (git-fixes). - wireguard: receive: drop handshakes if queue lock is contended (git-fixes). - wireguard: receive: use ring buffer for incoming handshakes (git-fixes). - wireguard: selftests: actually test for routing loops (git-fixes). - wireguard: selftests: increase default dmesg log size (git-fixes). - wireless: iwlwifi: Fix a double free in iwl_txq_dyn_alloc_dma (git-fixes). - x86/platform/uv: Add more to secondary CPU kdump info (bsc#1194493). - xhci: Fresco FL1100 controller should not have BROKEN_MSI quirk set (git-fixes). - xhci: Remove CONFIG_USB_DEFAULT_PERSIST to prevent xHCI from runtime suspending (git-fixes). - xhci: avoid race between disable slot command and host runtime suspend (git-fixes). - xhci: fix unsafe memory usage in xhci tracing (git-fixes). cluster-md-kmp-preempt-5.3.18-150300.59.43.1.x86_64.rpm True dlm-kmp-preempt-5.3.18-150300.59.43.1.x86_64.rpm True gfs2-kmp-preempt-5.3.18-150300.59.43.1.x86_64.rpm True kernel-preempt-5.3.18-150300.59.43.1.nosrc.rpm True kernel-preempt-5.3.18-150300.59.43.1.x86_64.rpm True kernel-preempt-devel-5.3.18-150300.59.43.1.x86_64.rpm True kernel-preempt-extra-5.3.18-150300.59.43.1.x86_64.rpm True kernel-preempt-livepatch-devel-5.3.18-150300.59.43.1.x86_64.rpm True kernel-preempt-optional-5.3.18-150300.59.43.1.x86_64.rpm True kselftests-kmp-preempt-5.3.18-150300.59.43.1.x86_64.rpm True ocfs2-kmp-preempt-5.3.18-150300.59.43.1.x86_64.rpm True reiserfs-kmp-preempt-5.3.18-150300.59.43.1.x86_64.rpm True dtb-aarch64-5.3.18-150300.59.43.1.src.rpm True dtb-al-5.3.18-150300.59.43.1.aarch64.rpm True dtb-zte-5.3.18-150300.59.43.1.aarch64.rpm True openSUSE-SLE-15.4-2022-491 moderate SUSE Updates openSUSE-SLE 15.4 This update for rust fixes the following issues: - CVE-2022-21658: Fixed race condition in std::fs::remove_dir_all (bsc#1194767). cargo-doc-1.53.0-22.1.noarch.rpm rust-1.53.0-22.1.src.rpm rust-analysis-1.53.0-22.1.x86_64.rpm rust-doc-1.53.0-22.1.x86_64.rpm rust-src-1.53.0-22.1.noarch.rpm rust-analysis-1.53.0-22.1.aarch64.rpm rust-doc-1.53.0-22.1.aarch64.rpm openSUSE-SLE-15.4-2022-492 important SUSE Updates openSUSE-SLE 15.4 This update for strongswan fixes the following issues: - CVE-2021-45079: Fixed authentication bypass in EAP authentication. (bsc#1194471) strongswan-5.8.2-11.24.1.src.rpm strongswan-5.8.2-11.24.1.x86_64.rpm strongswan-doc-5.8.2-11.24.1.noarch.rpm strongswan-hmac-5.8.2-11.24.1.x86_64.rpm strongswan-ipsec-5.8.2-11.24.1.x86_64.rpm strongswan-libs0-5.8.2-11.24.1.x86_64.rpm strongswan-mysql-5.8.2-11.24.1.x86_64.rpm strongswan-nm-5.8.2-11.24.1.x86_64.rpm strongswan-sqlite-5.8.2-11.24.1.x86_64.rpm strongswan-5.8.2-11.24.1.s390x.rpm strongswan-hmac-5.8.2-11.24.1.s390x.rpm strongswan-ipsec-5.8.2-11.24.1.s390x.rpm strongswan-libs0-5.8.2-11.24.1.s390x.rpm strongswan-mysql-5.8.2-11.24.1.s390x.rpm strongswan-nm-5.8.2-11.24.1.s390x.rpm strongswan-sqlite-5.8.2-11.24.1.s390x.rpm strongswan-5.8.2-11.24.1.ppc64le.rpm strongswan-hmac-5.8.2-11.24.1.ppc64le.rpm strongswan-ipsec-5.8.2-11.24.1.ppc64le.rpm strongswan-libs0-5.8.2-11.24.1.ppc64le.rpm strongswan-mysql-5.8.2-11.24.1.ppc64le.rpm strongswan-nm-5.8.2-11.24.1.ppc64le.rpm strongswan-sqlite-5.8.2-11.24.1.ppc64le.rpm strongswan-5.8.2-11.24.1.aarch64.rpm strongswan-hmac-5.8.2-11.24.1.aarch64.rpm strongswan-ipsec-5.8.2-11.24.1.aarch64.rpm strongswan-libs0-5.8.2-11.24.1.aarch64.rpm strongswan-mysql-5.8.2-11.24.1.aarch64.rpm strongswan-nm-5.8.2-11.24.1.aarch64.rpm strongswan-sqlite-5.8.2-11.24.1.aarch64.rpm openSUSE-SLE-15.4-2022-214 important SUSE Updates openSUSE-SLE 15.4 This update for log4j fixes the following issues: - CVE-2022-23307: Fixed deserialization flaw in the chainsaw component of log4j leading to malicious code execution. (bsc#1194844) - CVE-2022-23305: Fixed SQL injection when application is configured to use JDBCAppender. (bsc#1194843) - CVE-2022-23302: Fixed remote code execution when application is configured to use JMSSink. (bsc#1194842) log4j-1.2.17-5.9.1.src.rpm log4j-manual-1.2.17-5.9.1.noarch.rpm openSUSE-SLE-15.4-2022-282 low SUSE Updates openSUSE-SLE 15.4 This is a relogin-suggested test update for SUSE:SLE-15-SP2:Update update-test-relogin-suggested-5.1-33.2.x86_64.rpm True update-test-relogin-suggested-5.1-33.2.s390x.rpm True update-test-relogin-suggested-5.1-33.2.ppc64le.rpm True update-test-relogin-suggested-5.1-33.2.aarch64.rpm True openSUSE-SLE-15.4-2022-274 low SUSE Updates openSUSE-SLE 15.4 This is a affects-package-manager test update for SUSE:SLE-15-SP2:Update update-test-affects-package-manager-5.1-33.2.x86_64.rpm True update-test-affects-package-manager-5.1-33.2.s390x.rpm True update-test-affects-package-manager-5.1-33.2.ppc64le.rpm True update-test-affects-package-manager-5.1-33.2.aarch64.rpm True openSUSE-SLE-15.4-2022-275 low SUSE Updates openSUSE-SLE 15.4 This is a retracted test update for SUSE:SLE-15-SP2:Update update-test-retracted-5.1-33.2.x86_64.rpm update-test-retracted-5.1-33.2.s390x.rpm update-test-retracted-5.1-33.2.ppc64le.rpm update-test-retracted-5.1-33.2.aarch64.rpm openSUSE-SLE-15.4-2022-276 low SUSE Updates openSUSE-SLE 15.4 This is a optional test update for SUSE:SLE-15-SP2:Update update-test-optional-5.1-33.2.x86_64.rpm update-test-optional-5.1-33.2.s390x.rpm update-test-optional-5.1-33.2.ppc64le.rpm update-test-optional-5.1-33.2.aarch64.rpm openSUSE-SLE-15.4-2022-277 important SUSE Updates openSUSE-SLE 15.4 This is a security test update for SUSE:SLE-15-SP2:Update update-test-security-5.1-33.2.x86_64.rpm update-test-security-5.1-33.2.s390x.rpm update-test-security-5.1-33.2.ppc64le.rpm update-test-security-5.1-33.2.aarch64.rpm openSUSE-SLE-15.4-2022-278 low SUSE Updates openSUSE-SLE 15.4 This is a trivial test update for SUSE:SLE-15-SP2:Update update-test-trivial-5.1-33.2.src.rpm update-test-trivial-5.1-33.2.x86_64.rpm update-test-trivial-5.1-33.2.s390x.rpm update-test-trivial-5.1-33.2.ppc64le.rpm update-test-trivial-5.1-33.2.aarch64.rpm openSUSE-SLE-15.4-2022-279 low SUSE Updates openSUSE-SLE 15.4 This is a feature test update for SUSE:SLE-15-SP2:Update update-test-feature-5.1-33.2.x86_64.rpm update-test-feature-5.1-33.2.s390x.rpm update-test-feature-5.1-33.2.ppc64le.rpm update-test-feature-5.1-33.2.aarch64.rpm openSUSE-SLE-15.4-2022-280 low SUSE Updates openSUSE-SLE 15.4 This is a reboot-needed test update for SUSE:SLE-15-SP2:Update update-test-reboot-needed-5.1-33.2.x86_64.rpm True update-test-reboot-needed-5.1-33.2.s390x.rpm True update-test-reboot-needed-5.1-33.2.ppc64le.rpm True update-test-reboot-needed-5.1-33.2.aarch64.rpm True openSUSE-SLE-15.4-2022-281 low SUSE Updates openSUSE-SLE 15.4 This is a interactive test update for SUSE:SLE-15-SP2:Update Is this message visible? update-test-interactive-5.1-33.2.x86_64.rpm update-test-interactive-5.1-33.2.s390x.rpm update-test-interactive-5.1-33.2.ppc64le.rpm update-test-interactive-5.1-33.2.aarch64.rpm openSUSE-SLE-15.4-2022-888 moderate SUSE Updates openSUSE-SLE 15.4 This update for avahi fixes the following issues: - Change python3-Twisted to a soft dependency. It is not available on SLED or PackageHub, and it is only needed by avahi-bookmarks (bsc#1196282) - Fix warning when Twisted is not available - Have python3-avahi require python3-dbus-python, not the python 2 dbus-1-python package (bsc#1195614) - Ensure that NetworkManager or wicked have already started before initializing (bsc#1194561) - Move sftp-ssh and ssh services to the doc directory. They allow a host's up/down status to be easily discovered and should not be enabled by default (bsc#1179060) avahi-glib2-0.7-3.18.1.src.rpm libavahi-ui0-0.7-3.18.1.x86_64.rpm libavahi-ui0-0.7-3.18.1.s390x.rpm libavahi-ui0-0.7-3.18.1.ppc64le.rpm libavahi-ui0-0.7-3.18.1.aarch64.rpm openSUSE-SLE-15.4-2022-476 moderate SUSE Updates openSUSE-SLE 15.4 This update for nfs-utils fixes the following issues: - If an error or warning message is produced before closeall() is called, mountd doesn't work. (bsc#1194661) nfs-client-2.1.1-10.21.1.x86_64.rpm nfs-doc-2.1.1-10.21.1.x86_64.rpm nfs-kernel-server-2.1.1-10.21.1.x86_64.rpm nfs-utils-2.1.1-10.21.1.src.rpm nfs-client-2.1.1-10.21.1.s390x.rpm nfs-doc-2.1.1-10.21.1.s390x.rpm nfs-kernel-server-2.1.1-10.21.1.s390x.rpm nfs-client-2.1.1-10.21.1.ppc64le.rpm nfs-doc-2.1.1-10.21.1.ppc64le.rpm nfs-kernel-server-2.1.1-10.21.1.ppc64le.rpm nfs-client-2.1.1-10.21.1.aarch64.rpm nfs-doc-2.1.1-10.21.1.aarch64.rpm nfs-kernel-server-2.1.1-10.21.1.aarch64.rpm openSUSE-SLE-15.4-2022-287 critical SUSE Updates openSUSE-SLE 15.4 This update for samba fixes the following issues: - CVE-2021-44142: Fixed out-of-Bound Read/Write on Samba vfs_fruit module. (bsc#1194859) libndr0-32bit-4.11.14+git.319.91d693db37c-4.35.1.x86_64.rpm libndr0-4.11.14+git.319.91d693db37c-4.35.1.x86_64.rpm samba-4.11.14+git.319.91d693db37c-4.35.1.src.rpm libndr0-4.11.14+git.319.91d693db37c-4.35.1.s390x.rpm libndr0-4.11.14+git.319.91d693db37c-4.35.1.ppc64le.rpm libndr0-4.11.14+git.319.91d693db37c-4.35.1.aarch64.rpm openSUSE-SLE-15.4-2022-284 critical SUSE Updates openSUSE-SLE 15.4 This update for samba fixes the following issues: - CVE-2021-44142: Fixed out-of-Bound Read/Write on Samba vfs_fruit module. (bsc#1194859) libsamba-policy-python-devel-4.9.5+git.483.212a7ebca6b-3.64.1.x86_64.rpm libsamba-policy0-32bit-4.9.5+git.483.212a7ebca6b-3.64.1.x86_64.rpm libsamba-policy0-4.9.5+git.483.212a7ebca6b-3.64.1.x86_64.rpm samba-4.9.5+git.483.212a7ebca6b-3.64.1.src.rpm samba-libs-python-32bit-4.9.5+git.483.212a7ebca6b-3.64.1.x86_64.rpm samba-libs-python-4.9.5+git.483.212a7ebca6b-3.64.1.x86_64.rpm samba-python-4.9.5+git.483.212a7ebca6b-3.64.1.x86_64.rpm libsamba-policy-python-devel-4.9.5+git.483.212a7ebca6b-3.64.1.s390x.rpm libsamba-policy0-4.9.5+git.483.212a7ebca6b-3.64.1.s390x.rpm samba-libs-python-4.9.5+git.483.212a7ebca6b-3.64.1.s390x.rpm samba-python-4.9.5+git.483.212a7ebca6b-3.64.1.s390x.rpm libsamba-policy-python-devel-4.9.5+git.483.212a7ebca6b-3.64.1.ppc64le.rpm libsamba-policy0-4.9.5+git.483.212a7ebca6b-3.64.1.ppc64le.rpm samba-libs-python-4.9.5+git.483.212a7ebca6b-3.64.1.ppc64le.rpm samba-python-4.9.5+git.483.212a7ebca6b-3.64.1.ppc64le.rpm libsamba-policy-python-devel-4.9.5+git.483.212a7ebca6b-3.64.1.aarch64.rpm libsamba-policy0-4.9.5+git.483.212a7ebca6b-3.64.1.aarch64.rpm samba-libs-python-4.9.5+git.483.212a7ebca6b-3.64.1.aarch64.rpm samba-python-4.9.5+git.483.212a7ebca6b-3.64.1.aarch64.rpm openSUSE-SLE-15.4-2022-330 important SUSE Updates openSUSE-SLE 15.4 This update for glibc fixes the following issues: - CVE-2021-3999: Fixed incorrect errno in getcwd (bsc#1194640) - CVE-2022-23219: Fixed buffer overflow in sunrpc clnt_create for "unix" (bsc#1194768) - CVE-2022-23218: Fixed buffer overflow in sunrpc svcunix_create (bsc#1194770) Features added: - IBM Power 10 string operation improvements (bsc#1194785, jsc#SLE-18195) glibc-2.31-150300.9.12.1.src.rpm glibc-2.31-150300.9.12.1.x86_64.rpm glibc-32bit-2.31-150300.9.12.1.x86_64.rpm glibc-devel-2.31-150300.9.12.1.x86_64.rpm glibc-devel-32bit-2.31-150300.9.12.1.x86_64.rpm glibc-devel-static-2.31-150300.9.12.1.x86_64.rpm glibc-devel-static-32bit-2.31-150300.9.12.1.x86_64.rpm glibc-extra-2.31-150300.9.12.1.x86_64.rpm glibc-html-2.31-150300.9.12.1.noarch.rpm glibc-i18ndata-2.31-150300.9.12.1.noarch.rpm glibc-info-2.31-150300.9.12.1.noarch.rpm glibc-lang-2.31-150300.9.12.1.noarch.rpm glibc-locale-2.31-150300.9.12.1.x86_64.rpm glibc-locale-base-2.31-150300.9.12.1.x86_64.rpm glibc-locale-base-32bit-2.31-150300.9.12.1.x86_64.rpm glibc-profile-2.31-150300.9.12.1.x86_64.rpm glibc-profile-32bit-2.31-150300.9.12.1.x86_64.rpm glibc-utils-2.31-150300.9.12.1.x86_64.rpm glibc-utils-32bit-2.31-150300.9.12.1.x86_64.rpm glibc-utils-src-2.31-150300.9.12.1.src.rpm nscd-2.31-150300.9.12.1.x86_64.rpm glibc-2.31-150300.9.12.1.s390x.rpm glibc-devel-2.31-150300.9.12.1.s390x.rpm glibc-devel-static-2.31-150300.9.12.1.s390x.rpm glibc-extra-2.31-150300.9.12.1.s390x.rpm glibc-locale-2.31-150300.9.12.1.s390x.rpm glibc-locale-base-2.31-150300.9.12.1.s390x.rpm glibc-profile-2.31-150300.9.12.1.s390x.rpm glibc-utils-2.31-150300.9.12.1.s390x.rpm nscd-2.31-150300.9.12.1.s390x.rpm glibc-2.31-150300.9.12.1.ppc64le.rpm glibc-devel-2.31-150300.9.12.1.ppc64le.rpm glibc-devel-static-2.31-150300.9.12.1.ppc64le.rpm glibc-extra-2.31-150300.9.12.1.ppc64le.rpm glibc-locale-2.31-150300.9.12.1.ppc64le.rpm glibc-locale-base-2.31-150300.9.12.1.ppc64le.rpm glibc-profile-2.31-150300.9.12.1.ppc64le.rpm glibc-utils-2.31-150300.9.12.1.ppc64le.rpm nscd-2.31-150300.9.12.1.ppc64le.rpm glibc-2.31-150300.9.12.1.aarch64.rpm glibc-devel-2.31-150300.9.12.1.aarch64.rpm glibc-devel-static-2.31-150300.9.12.1.aarch64.rpm glibc-extra-2.31-150300.9.12.1.aarch64.rpm glibc-locale-2.31-150300.9.12.1.aarch64.rpm glibc-locale-base-2.31-150300.9.12.1.aarch64.rpm glibc-profile-2.31-150300.9.12.1.aarch64.rpm glibc-utils-2.31-150300.9.12.1.aarch64.rpm nscd-2.31-150300.9.12.1.aarch64.rpm openSUSE-SLE-15.4-2022-1099 moderate SUSE Updates openSUSE-SLE 15.4 This update for aaa_base fixes the following issues: - Set net.ipv4.ping_group_range to allow ICMP ping (bsc#1194883) - Include all fixes and changes for systemwide inputrc to remove the 8 bit escape sequence which interfere with UTF-8 multi byte characters as well as support the vi mode of readline library aaa_base-84.87+git20180409.04c9dae-3.57.1.s390x.rpm aaa_base-84.87+git20180409.04c9dae-3.57.1.src.rpm aaa_base-extras-84.87+git20180409.04c9dae-3.57.1.s390x.rpm aaa_base-malloccheck-84.87+git20180409.04c9dae-3.57.1.s390x.rpm aaa_base-wsl-84.87+git20180409.04c9dae-3.57.1.s390x.rpm aaa_base-84.87+git20180409.04c9dae-3.57.1.aarch64.rpm aaa_base-extras-84.87+git20180409.04c9dae-3.57.1.aarch64.rpm aaa_base-malloccheck-84.87+git20180409.04c9dae-3.57.1.aarch64.rpm aaa_base-wsl-84.87+git20180409.04c9dae-3.57.1.aarch64.rpm aaa_base-84.87+git20180409.04c9dae-3.57.1.ppc64le.rpm aaa_base-extras-84.87+git20180409.04c9dae-3.57.1.ppc64le.rpm aaa_base-malloccheck-84.87+git20180409.04c9dae-3.57.1.ppc64le.rpm aaa_base-wsl-84.87+git20180409.04c9dae-3.57.1.ppc64le.rpm aaa_base-84.87+git20180409.04c9dae-3.57.1.x86_64.rpm aaa_base-extras-84.87+git20180409.04c9dae-3.57.1.x86_64.rpm aaa_base-malloccheck-84.87+git20180409.04c9dae-3.57.1.x86_64.rpm aaa_base-wsl-84.87+git20180409.04c9dae-3.57.1.x86_64.rpm openSUSE-SLE-15.4-2022-546 important SUSE Updates openSUSE-SLE 15.4 This update for monitoring-plugins fixes the following issues: the patch just reverts the problem, if you get more than 64K on stdout - recommend syslog for monitoring-plugins-log, as people probably want to analize logs generated by (r)syslog or journald check_snmp will segfaults at line 489 if number of lines returned by SNMPD is greater than number of defined thresholds - Remove unneeded build requirement on "syslog" - Remove unneeded BuildRequires on python-devel (bsc#1191011) - Call gettextize with --no-changelog to make package build reproducible (bsc#1047218) - Update to 2.3.1: Enhancements * check_curl: Add an option to verify the peer certificate and host using the system CA's Fixes * check_curl: fixed help, usage and errors for TLS 1.3 * check_curl: fixed a potential buffer overflow in url buffer * check_dns: split multiple IP addresses passed in one -a argument * check_curl: added string_statuscode function for printing HTTP/1.1 and HTTP/2 correctly * check_curl: fix crash if http header contains leading spaces * check_curl: display a specific human-readable error message where possible * check_pgsql: Using snprintf which honors the buffers size and guarantees null termination. * check_snmp: put the "c" (to mark a counter) after the perfdata value * check_http: Increase regexp limit * check_http: make -C obvious * check_curl: Increase regexp limit (to 1024 as in check_http) * check_curl: make -C obvious (from check_http) - Update to 2.3 (final): Enhancements * check_dns: allow 'expected address' (-a) to be specified in CIDR notation (IPv4 only). * check_dns: allow for IPv6 RDNS * check_dns: Accept CIDR * check_dns: allow unsorted addresses * check_dns: allow forcing complete match of all addresses * check_apt: add --only-critical switch * check_apt: add -l/--list option to print packages * check_file_age: add range checking * check_file_age: enable to test for maximum file size * check_apt: adding packages-warning option * check_load: Adding top consuming processes option * check_http: Adding Proxy-Authorization and extra headers * check_snmp: make calcualtion of timeout value in help output more clear * check_uptime: new plugin for checking uptime to see how long the system is running * check_curl: check_http replacement based on libcurl * check_http: Allow user to specify HTTP method after proxy CONNECT * check_http: Add new flag --show-body/-B to print body * check_cluster: Added data argument validation * check_icmp: Add IPv6 support * check_icmp: Automatically detect IP protocol * check_icmp: emit error if multiple protocol version * check_disk: add support to display inodes usage in perfdata * check_hpjd: Added -D option to disable warning on 'out of paper' * check_http: support the --show-body/-B flag when --expect is used * check_mysql: allow mariadbclient to be used * check_tcp: add --sni * check_dns: detect unreachable dns service in nslookup output Fixes * Fix regression where check_dhcp was rereading response in a tight loop * check_dns: fix error detection on sles nslookup * check_disk_smb: fix timeout issue * check_swap: repaired -n behaviour * check_icmp: Correctly set address_family on lookup * check_icmp: Do not overwrite -4,-6 on lookup * check_smtp: initializes n before it is used * check_dns: fix typo in parameter description * check_by_ssh: fix child process leak on timeouts * check_mysql: Allow sockets to be specified to -H * check_procs: improve command examples for 'at least' processes * check_disk: include -P switch in help * check_mailq: restore accidentially removed options - change version to 2.3~alpha.$date.$commit changes summarized * detect unreachable dns service in nslookup output * check_curl: host_name may be null * update test parameter according to check_http * check_curl: use CURLOPT_RESOLVE to fix connecting to the right ip * workaround for issue #1550 - better use "ping -4" instead of "ping" if supported * Use size_t instead of int when calling sysctl(3) * check_tcp: add --sni * Fix timeout_interval declarations * check_curl: NSS, parse more date formats from certificate (in -C cert check) * check_curl: more tolerant CN= parsing when checking certificates (hit on Centos 8) * setting no_body to TRUE when we have a HEAD request * some LIBCURL_VERSION checks around HTTP/2 feature * added --http-version option to check_curl to choose HTTP * improved curlhelp_parse_statusline to handle both HTTP/1.x and HTTP/2 * check_curl: updates embedded picohttpparser to newest git version * setting progname of check_curl plugin to check_curl (at least for now) * Allow mariadbclient to be used for check_mysql * fix maxfd being zero * include -P switch in help * check_swap: repaired "-n" behaviour * improve command examples for 'at least' processes * check_mysql: Allow sockets to be specified to -H * Adding packages-warning option to check_apt plugin * Adding print top consuming processes option to check_load * check_snmp: make calcualtion of timeout value in help output more clear * [check_disk] add support to display inodes usage in perfdata * check_by_ssh: fix child process leak on timeouts * check_icmp: Add IPv6 support * check_dns: fix typo in parameter description * Also support the --show-body/-B flag when --expect is used * check_dns: improve support for checking multiple addresses * check_hpjd: Added -D option to disable warning on 'out of paper' * check_icmp: Do not overwrite -4,-6 on lookup * check_icmp: emit error if multiple protocol version * check_icmp: move opts string into a variable * check_cluster.c: Added data argument validation. * check_icmp: Correctly set address_family on lookup * check_icmp: process protocol version args first * check_icmp: Add IPv6 support - drop explicit attr in filelist for check_host and check_rta_multi as they are symlinks to check_icmp - add new subpackage monitoring-plugins-uptime - include upstream fixes for check_swap - simply fix the plugin name in the comment - improve the output if the swap has zero size - use unknown exit code for help/version in plugins - updated context in - monitoring-plugins-mysql should also provide monitoring-plugins-mysql_query - Provide/Obsolete nagios-plugins in old version for better compatibility and to allow dist upgrade (bsc#1114483) freeradius-client-1.1.7-3.2.1.src.rpm freeradius-client-1.1.7-3.2.1.x86_64.rpm freeradius-client-devel-1.1.7-3.2.1.x86_64.rpm freeradius-client-libs-1.1.7-3.2.1.x86_64.rpm monitoring-plugins-2.3.1-3.9.2.src.rpm monitoring-plugins-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-all-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-breeze-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-by_ssh-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-cluster-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-common-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-cups-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-dbi-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-dbi-mysql-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-dbi-pgsql-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-dbi-sqlite3-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-dhcp-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-dig-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-disk-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-disk_smb-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-dns-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-dummy-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-extras-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-file_age-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-flexlm-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-fping-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-hpjd-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-http-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-icmp-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-ide_smart-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-ifoperstatus-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-ifstatus-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-ircd-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-ldap-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-load-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-log-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-mailq-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-mrtg-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-mrtgtraf-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-mysql-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-nagios-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-nt-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-ntp_peer-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-ntp_time-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-nwstat-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-oracle-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-overcr-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-pgsql-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-ping-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-procs-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-radius-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-real-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-rpc-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-sensors-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-smtp-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-snmp-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-ssh-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-swap-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-tcp-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-time-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-ups-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-users-2.3.1-3.9.2.x86_64.rpm monitoring-plugins-wave-2.3.1-3.9.2.x86_64.rpm perl-Crypt-DES-2.07-3.2.1.src.rpm perl-Crypt-DES-2.07-3.2.1.x86_64.rpm perl-Crypt-Rijndael-1.13-3.2.1.src.rpm perl-Crypt-Rijndael-1.13-3.2.1.x86_64.rpm perl-Net-SNMP-6.0.1-3.2.1.noarch.rpm perl-Net-SNMP-6.0.1-3.2.1.src.rpm freeradius-client-1.1.7-3.2.1.s390x.rpm freeradius-client-devel-1.1.7-3.2.1.s390x.rpm freeradius-client-libs-1.1.7-3.2.1.s390x.rpm monitoring-plugins-2.3.1-3.9.2.s390x.rpm monitoring-plugins-all-2.3.1-3.9.2.s390x.rpm monitoring-plugins-breeze-2.3.1-3.9.2.s390x.rpm monitoring-plugins-by_ssh-2.3.1-3.9.2.s390x.rpm monitoring-plugins-cluster-2.3.1-3.9.2.s390x.rpm monitoring-plugins-common-2.3.1-3.9.2.s390x.rpm monitoring-plugins-cups-2.3.1-3.9.2.s390x.rpm monitoring-plugins-dbi-2.3.1-3.9.2.s390x.rpm monitoring-plugins-dbi-mysql-2.3.1-3.9.2.s390x.rpm monitoring-plugins-dbi-pgsql-2.3.1-3.9.2.s390x.rpm monitoring-plugins-dbi-sqlite3-2.3.1-3.9.2.s390x.rpm monitoring-plugins-dhcp-2.3.1-3.9.2.s390x.rpm monitoring-plugins-dig-2.3.1-3.9.2.s390x.rpm monitoring-plugins-disk-2.3.1-3.9.2.s390x.rpm monitoring-plugins-disk_smb-2.3.1-3.9.2.s390x.rpm monitoring-plugins-dns-2.3.1-3.9.2.s390x.rpm monitoring-plugins-dummy-2.3.1-3.9.2.s390x.rpm monitoring-plugins-extras-2.3.1-3.9.2.s390x.rpm monitoring-plugins-file_age-2.3.1-3.9.2.s390x.rpm monitoring-plugins-flexlm-2.3.1-3.9.2.s390x.rpm monitoring-plugins-fping-2.3.1-3.9.2.s390x.rpm monitoring-plugins-hpjd-2.3.1-3.9.2.s390x.rpm monitoring-plugins-http-2.3.1-3.9.2.s390x.rpm monitoring-plugins-icmp-2.3.1-3.9.2.s390x.rpm monitoring-plugins-ide_smart-2.3.1-3.9.2.s390x.rpm monitoring-plugins-ifoperstatus-2.3.1-3.9.2.s390x.rpm monitoring-plugins-ifstatus-2.3.1-3.9.2.s390x.rpm monitoring-plugins-ircd-2.3.1-3.9.2.s390x.rpm monitoring-plugins-ldap-2.3.1-3.9.2.s390x.rpm monitoring-plugins-load-2.3.1-3.9.2.s390x.rpm monitoring-plugins-log-2.3.1-3.9.2.s390x.rpm monitoring-plugins-mailq-2.3.1-3.9.2.s390x.rpm monitoring-plugins-mrtg-2.3.1-3.9.2.s390x.rpm monitoring-plugins-mrtgtraf-2.3.1-3.9.2.s390x.rpm monitoring-plugins-mysql-2.3.1-3.9.2.s390x.rpm monitoring-plugins-nagios-2.3.1-3.9.2.s390x.rpm monitoring-plugins-nt-2.3.1-3.9.2.s390x.rpm monitoring-plugins-ntp_peer-2.3.1-3.9.2.s390x.rpm monitoring-plugins-ntp_time-2.3.1-3.9.2.s390x.rpm monitoring-plugins-nwstat-2.3.1-3.9.2.s390x.rpm monitoring-plugins-oracle-2.3.1-3.9.2.s390x.rpm monitoring-plugins-overcr-2.3.1-3.9.2.s390x.rpm monitoring-plugins-pgsql-2.3.1-3.9.2.s390x.rpm monitoring-plugins-ping-2.3.1-3.9.2.s390x.rpm monitoring-plugins-procs-2.3.1-3.9.2.s390x.rpm monitoring-plugins-radius-2.3.1-3.9.2.s390x.rpm monitoring-plugins-real-2.3.1-3.9.2.s390x.rpm monitoring-plugins-rpc-2.3.1-3.9.2.s390x.rpm monitoring-plugins-smtp-2.3.1-3.9.2.s390x.rpm monitoring-plugins-snmp-2.3.1-3.9.2.s390x.rpm monitoring-plugins-ssh-2.3.1-3.9.2.s390x.rpm monitoring-plugins-swap-2.3.1-3.9.2.s390x.rpm monitoring-plugins-tcp-2.3.1-3.9.2.s390x.rpm monitoring-plugins-time-2.3.1-3.9.2.s390x.rpm monitoring-plugins-ups-2.3.1-3.9.2.s390x.rpm monitoring-plugins-users-2.3.1-3.9.2.s390x.rpm monitoring-plugins-wave-2.3.1-3.9.2.s390x.rpm perl-Crypt-DES-2.07-3.2.1.s390x.rpm perl-Crypt-Rijndael-1.13-3.2.1.s390x.rpm freeradius-client-1.1.7-3.2.1.ppc64le.rpm freeradius-client-devel-1.1.7-3.2.1.ppc64le.rpm freeradius-client-libs-1.1.7-3.2.1.ppc64le.rpm monitoring-plugins-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-all-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-breeze-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-by_ssh-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-cluster-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-common-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-cups-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-dbi-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-dbi-mysql-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-dbi-pgsql-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-dbi-sqlite3-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-dhcp-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-dig-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-disk-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-disk_smb-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-dns-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-dummy-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-extras-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-file_age-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-flexlm-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-fping-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-hpjd-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-http-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-icmp-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-ide_smart-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-ifoperstatus-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-ifstatus-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-ircd-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-ldap-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-load-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-log-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-mailq-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-mrtg-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-mrtgtraf-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-mysql-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-nagios-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-nt-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-ntp_peer-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-ntp_time-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-nwstat-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-oracle-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-overcr-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-pgsql-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-ping-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-procs-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-radius-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-real-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-rpc-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-sensors-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-smtp-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-snmp-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-ssh-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-swap-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-tcp-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-time-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-ups-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-users-2.3.1-3.9.2.ppc64le.rpm monitoring-plugins-wave-2.3.1-3.9.2.ppc64le.rpm perl-Crypt-DES-2.07-3.2.1.ppc64le.rpm perl-Crypt-Rijndael-1.13-3.2.1.ppc64le.rpm freeradius-client-1.1.7-3.2.1.aarch64.rpm freeradius-client-devel-1.1.7-3.2.1.aarch64.rpm freeradius-client-libs-1.1.7-3.2.1.aarch64.rpm monitoring-plugins-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-all-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-breeze-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-by_ssh-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-cluster-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-common-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-cups-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-dbi-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-dbi-mysql-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-dbi-pgsql-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-dbi-sqlite3-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-dhcp-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-dig-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-disk-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-disk_smb-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-dns-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-dummy-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-extras-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-file_age-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-flexlm-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-fping-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-hpjd-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-http-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-icmp-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-ide_smart-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-ifoperstatus-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-ifstatus-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-ircd-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-ldap-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-load-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-log-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-mailq-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-mrtg-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-mrtgtraf-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-mysql-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-nagios-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-nt-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-ntp_peer-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-ntp_time-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-nwstat-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-oracle-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-overcr-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-pgsql-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-ping-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-procs-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-radius-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-real-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-rpc-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-sensors-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-smtp-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-snmp-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-ssh-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-swap-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-tcp-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-time-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-ups-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-users-2.3.1-3.9.2.aarch64.rpm monitoring-plugins-wave-2.3.1-3.9.2.aarch64.rpm perl-Crypt-DES-2.07-3.2.1.aarch64.rpm perl-Crypt-Rijndael-1.13-3.2.1.aarch64.rpm openSUSE-SLE-15.4-2022-480 important SUSE Updates openSUSE-SLE 15.4 This update for tiff fixes the following issues: - CVE-2017-17095: Fixed DoS in tools/pal2rgb.c in pal2rgb (bsc#1071031). - CVE-2019-17546: Fixed integer overflow that potentially causes a heap-based buffer overflow via a crafted RGBA image (bsc#1154365). - CVE-2020-19131: Fixed buffer overflow in tiffcrop that may cause DoS via the invertImage() function (bsc#1190312). - CVE-2020-35521: Fixed memory allocation failure in tif_read.c (bsc#1182808). - CVE-2020-35522: Fixed memory allocation failure in tif_pixarlog.c (bsc#1182809). - CVE-2020-35523: Fixed integer overflow in tif_getimage.c (bsc#1182811). - CVE-2020-35524: Fixed heap-based buffer overflow in TIFF2PDF tool (bsc#1182812). - CVE-2022-22844: Fixed out-of-bounds read in _TIFFmemcpy in tif_unix.c (bsc#1194539). libtiff-devel-32bit-4.0.9-45.5.1.x86_64.rpm libtiff-devel-4.0.9-45.5.1.x86_64.rpm libtiff5-32bit-4.0.9-45.5.1.x86_64.rpm libtiff5-4.0.9-45.5.1.x86_64.rpm tiff-4.0.9-45.5.1.src.rpm tiff-4.0.9-45.5.1.x86_64.rpm libtiff-devel-4.0.9-45.5.1.s390x.rpm libtiff5-4.0.9-45.5.1.s390x.rpm tiff-4.0.9-45.5.1.s390x.rpm libtiff-devel-4.0.9-45.5.1.ppc64le.rpm libtiff5-4.0.9-45.5.1.ppc64le.rpm tiff-4.0.9-45.5.1.ppc64le.rpm libtiff-devel-4.0.9-45.5.1.aarch64.rpm libtiff5-4.0.9-45.5.1.aarch64.rpm tiff-4.0.9-45.5.1.aarch64.rpm openSUSE-SLE-15.4-2022-520 moderate SUSE Updates openSUSE-SLE 15.4 This update for rpm fixes the following issues: - Revert unwanted /usr/bin/python to /usr/bin/python2 change we got with the update to 4.14.3 (bsc#1194968) python-rpm-4.14.3-150300.46.1.src.rpm python2-rpm-4.14.3-150300.46.1.x86_64.rpm python2-rpm-4.14.3-150300.46.1.s390x.rpm python2-rpm-4.14.3-150300.46.1.ppc64le.rpm python2-rpm-4.14.3-150300.46.1.aarch64.rpm openSUSE-SLE-15.4-2022-523 moderate SUSE Updates openSUSE-SLE 15.4 This update for systemd fixes the following issues: - systemctl: exit with 1 if no unit files found (bsc#1193841). - add rules for virtual devices (bsc#1193759). - enforce "none" for loop devices (bsc#1193759). systemd-234-24.105.1.src.rpm True systemd-bash-completion-234-24.105.1.noarch.rpm True openSUSE-SLE-15.4-2022-366 critical SUSE Updates openSUSE-SLE 15.4 The SUSE Linux Enterprise 15 SP1 LTSS kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input (bsc#1195254). - CVE-2022-0330: Fixed flush TLBs before releasing backing store (bsc#1194880). - CVE-2021-45486: Fixed an information leak because the hash table is very small in net/ipv4/route.c (bnc#1194087). - CVE-2021-45095: Fixed refcount leak in pep_sock_accept in net/phonet/pep.c (bnc#1193867). - CVE-2021-44733: Fixed a use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem, that could have occured because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object (bnc#1193767). - CVE-2021-43976: Fixed a flaw that could allow an attacker (who can connect a crafted USB device) to cause a denial of service. (bnc#1192847) - CVE-2021-43975: Fixed a flaw in hw_atl_utils_fw_rpc_wait that could allow an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value. (bsc#1192845) - CVE-2021-4202: Fixed NFC race condition by adding NCI_UNREG flag (bsc#1194529). - CVE-2021-4197: Use cgroup open-time credentials for process migraton perm checks (bsc#1194302). - CVE-2021-4159: Fixed kernel ptr leak vulnerability via BPF in coerce_reg_to_size (bsc#1194227). - CVE-2021-4149: Fixed btrfs unlock newly allocated extent buffer after error (bsc#1194001). - CVE-2021-4135: Fixed zero-initialize memory inside netdevsim for new map's value in function nsim_bpf_map_alloc (bsc#1193927). - CVE-2021-4083: Fixed a read-after-free memory flaw inside the garbage collection for Unix domain socket file handlers when users call close() and fget() simultaneouslyand can potentially trigger a race condition (bnc#1193727). - CVE-2021-4002: Fixed incorrect TLBs flush in hugetlbfs after huge_pmd_unshare (bsc#1192946). - CVE-2021-39657: Fixed out of bounds read due to a missing bounds check in ufshcd_eh_device_reset_handler of ufshcd.c. This could lead to local information disclosure with System execution privileges needed (bnc#1193864). - CVE-2021-39648: Fixed possible disclosure of kernel heap memory due to a race condition in gadget_dev_desc_UDC_show of configfs.c. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation (bnc#1193861). - CVE-2021-3564: Fixed double-free memory corruption in the Linux kernel HCI device initialization subsystem that could have been used by attaching malicious HCI TTY Bluetooth devices. A local user could use this flaw to crash the system (bnc#1186207). - CVE-2021-33098: Fixed a potential denial of service in Intel(R) Ethernet ixgbe driver due to improper input validation. (bsc#1192877) - CVE-2021-28715: Fixed issue with xen/netback to do not queue unlimited number of packages (XSA-392) (bsc#1193442). - CVE-2021-28714: Fixed issue with xen/netback to handle rx queue stall detection (XSA-392) (bsc#1193442). - CVE-2021-28713: Fixed issue with xen/console to harden hvc_xen against event channel storms (XSA-391) (bsc#1193440). - CVE-2021-28712: Fixed issue with xen/netfront to harden netfront against event channel storms (XSA-391) (bsc#1193440). - CVE-2021-28711: Fixed issue with xen/blkfront to harden blkfront against event channel storms (XSA-391) (bsc#1193440). - CVE-2021-0935: Fixed possible out of bounds write in ip6_xmit of ip6_output.c due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation (bnc#1192032). - CVE-2021-0920: Fixed a local privilege escalation due to an use after free bug in unix_gc (bsc#1193731). - CVE-2020-27820: Fixed a vulnerability where a use-after-frees in nouveau's postclose() handler could happen if removing device (bsc#1179599). - CVE-2019-15126: Fixed a vulnerability in Broadcom and Cypress Wi-Fi chips, used in RPi family of devices aka "Kr00k". (bsc#1167162) - CVE-2018-25020: Fixed an overflow in the BPF subsystem due to a mishandling of a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions. This affects kernel/bpf/core.c and net/core/filter.c (bnc#1193575). The following non-security bugs were fixed: - Bluetooth: fix the erroneous flush_work() order (git-fixes). - Build: Add obsolete_rebuilds_subpackage (boo#1172073 bsc#1191731). - ICMPv6: Add ICMPv6 Parameter Problem, code 3 definition (bsc#1191241 bsc#1195166). - IPv6: reply ICMP error if the first fragment do not include all headers (bsc#1191241). - elfcore: fix building with clang (bsc#1169514). - hv_netvsc: Set needed_headroom according to VF (bsc#1193506). - ipv6/netfilter: Discard first fragment not including all headers (bsc#1191241 bsc#1195166). - kernel-*-subpackage: Add dependency on kernel scriptlets (bsc#1192740). - kernel-binary.spec.in Stop templating the scriptlets for subpackages (bsc#1190358). - kernel-binary.spec.in: add zstd to BuildRequires if used - kernel-binary.spec.in: make sure zstd is supported by kmod if used - kernel-binary.spec: Check for no kernel signing certificates. Also remove unused variable. - kernel-binary.spec: Define $image as rpm macro (bsc#1189841). - kernel-binary.spec: Do not fail silently when KMP is empty (bsc#1190358). Copy the code from kernel-module-subpackage that deals with empty KMPs. - kernel-binary.spec: Do not sign kernel when no key provided (bsc#1187167). - kernel-binary.spec: Fix kernel-default-base scriptlets after packaging merge. - kernel-binary.spec: Require dwarves for kernel-binary-devel when BTF is enabled (jsc#SLE-17288). - kernel-binary.spec: suse-kernel-rpm-scriptlets required for uninstall as well. - kernel-cert-subpackage: Fix certificate location in scriptlets (bsc#1189841). - kernel-source.spec: install-kernel-tools also required on 15.4 - kernel-spec-macros: Since rpm 4.17 %verbose is unusable (bsc#1191229). The semantic changed in an incompatible way so invoking the macro now causes a build failure. - kprobes: Limit max data_size of the kretprobe instances (bsc#1193669). - livepatch: Avoid CPU hogging with cond_resched (bsc#1071995). - memstick: rtsx_usb_ms: fix UAF (bsc#1194516). - moxart: fix potential use-after-free on remove path (bsc#1194516). - net, xdp: Introduce xdp_init_buff utility routine (bsc#1193506). - net, xdp: Introduce xdp_prepare_buff utility routine (bsc#1193506). - net: Using proper atomic helper (bsc#1186222). - net: ipv6: Discard next-hop MTU less than minimum link MTU (bsc#1191241). - net: mana: Add RX fencing (bsc#1193506). - net: mana: Add XDP support (bsc#1193506). - net: mana: Allow setting the number of queues while the NIC is down (bsc#1193506). - net: mana: Fix spelling mistake "calledd" -> "called" (bsc#1193506). - net: mana: Fix the netdev_err()'s vPort argument in mana_init_port() (bsc#1193506). - net: mana: Improve the HWC error handling (bsc#1193506). - net: mana: Support hibernation and kexec (bsc#1193506). - net: mana: Use kcalloc() instead of kzalloc() (bsc#1193506). - objtool: Support Clang non-section symbols in ORC generation (bsc#1169514). - post.sh: detect /usr mountpoint too - recordmcount.pl: fix typo in s390 mcount regex (bsc#1192267). - recordmcount.pl: look for jgnop instruction as well as bcrl on s390 (bsc#1192267). - rpm/kernel-binary.spec.in: Use kmod-zstd provide. This makes it possible to use kmod with ZSTD support on non-Tumbleweed. - rpm/kernel-binary.spec.in: avoid conflicting suse-release suse-release had arbitrary values in staging, we can't use it for dependencies. The filesystem one has to be enough (boo#1184804). - rpm/kernel-binary.spec.in: do not strip vmlinux again (bsc#1193306). - rpm/kernel-binary.spec: Use only non-empty certificates. - rpm/kernel-obs-build.spec.in: make builds reproducible (bsc#1189305). - rpm/kernel-source.rpmlintrc: ignore new include/config files. - rpm/kernel-source.spec.in: do some more for vanilla_only. - rpm: Abolish image suffix (bsc#1189841). - rpm: Abolish scritplet templating (bsc#1189841). Outsource kernel-binary and KMP scriptlets to suse-module-tools. - rpm: Define $certs as rpm macro (bsc#1189841). - rpm: Fold kernel-devel and kernel-source scriptlets into spec files (bsc#1189841). - rpm: fix kmp install path - rpm: use _rpmmacrodir (boo#1191384) - tty: hvc: replace BUG_ON() with negative return value. - vfs: check fd has read access in kernel_read_file_from_fd() (bsc#1194888). - x86/xen: Mark cpu_bringup_and_idle() as dead_end_function (bsc#1169514). - xen/blkfront: do not take local copy of a request from the ring page (git-fixes). - xen/blkfront: do not trust the backend response data blindly (git-fixes). - xen/blkfront: read response from backend only once (git-fixes). - xen/netfront: disentangle tx_skb_freelist (git-fixes). - xen/netfront: do not read data from request on the ring page (git-fixes). - xen/netfront: do not trust the backend response data blindly (git-fixes). - xen/netfront: read response from backend only once (git-fixes). - xen: sync include/xen/interface/io/ring.h with Xen's newest version (git-fixes). - xfrm: fix MTU regression (bsc#1185377, bsc#1194048). kernel-debug-4.12.14-197.105.1.nosrc.rpm True kernel-debug-base-4.12.14-197.105.1.x86_64.rpm True kernel-default-4.12.14-197.105.1.nosrc.rpm True kernel-kvmsmall-4.12.14-197.105.1.nosrc.rpm True kernel-kvmsmall-base-4.12.14-197.105.1.x86_64.rpm True kernel-vanilla-4.12.14-197.105.1.nosrc.rpm True kernel-vanilla-4.12.14-197.105.1.x86_64.rpm True kernel-vanilla-base-4.12.14-197.105.1.x86_64.rpm True kernel-vanilla-devel-4.12.14-197.105.1.x86_64.rpm True kernel-vanilla-livepatch-devel-4.12.14-197.105.1.x86_64.rpm True kernel-default-man-4.12.14-197.105.1.s390x.rpm True kernel-vanilla-4.12.14-197.105.1.s390x.rpm True kernel-vanilla-base-4.12.14-197.105.1.s390x.rpm True kernel-vanilla-devel-4.12.14-197.105.1.s390x.rpm True kernel-vanilla-livepatch-devel-4.12.14-197.105.1.s390x.rpm True kernel-zfcpdump-4.12.14-197.105.1.nosrc.rpm True kernel-zfcpdump-man-4.12.14-197.105.1.s390x.rpm True kernel-debug-base-4.12.14-197.105.1.ppc64le.rpm True kernel-vanilla-4.12.14-197.105.1.ppc64le.rpm True kernel-vanilla-base-4.12.14-197.105.1.ppc64le.rpm True kernel-vanilla-devel-4.12.14-197.105.1.ppc64le.rpm True kernel-vanilla-livepatch-devel-4.12.14-197.105.1.ppc64le.rpm True kernel-vanilla-4.12.14-197.105.1.aarch64.rpm True kernel-vanilla-base-4.12.14-197.105.1.aarch64.rpm True kernel-vanilla-devel-4.12.14-197.105.1.aarch64.rpm True kernel-vanilla-livepatch-devel-4.12.14-197.105.1.aarch64.rpm True openSUSE-SLE-15.4-2022-884 moderate SUSE Updates openSUSE-SLE 15.4 This update for python-jsonschema, python-rfc3987, python-strict-rfc3339 fixes the following issues: - Add patch to fix build with new webcolors. - update to version 3.2.0 (jsc#SLE-18756): * Added a format_nongpl setuptools extra, which installs only format dependencies that are non-GPL (#619). - specfile: * require python-importlib-metadata - update to version 3.1.1: * Temporarily revert the switch to js-regex until #611 and #612 are resolved. - changes from version 3.1.0: - Regular expressions throughout schemas now respect the ECMA 262 dialect, as recommended by the specification (#609). - Activate more of the test suite - Remove tests and benchmarking from the runtime package - Update to v3.0.2 - Fixed a bug where 0 and False were considered equal by const and enum - from v3.0.1 - Fixed a bug where extending validators did not preserve their notion of which validator property contains $id information. - Update to 3.0.1: - Support for Draft 6 and Draft 7 - Draft 7 is now the default - New TypeChecker object for more complex type definitions (and overrides) - Falling back to isodate for the date-time format checker is no longer attempted, in accordance with the specification - Use %license instead of %doc (bsc#1082318) - Remove hashbang from runtime module - Replace PyPI URL with https://github.com/dgerber/rfc3987 - Activate doctests - Add missing runtime dependency on timezone - Replace dead link with GitHub URL - Activate test suite - Trim bias from descriptions. - Initial commit, needed by flex python-attrs-19.3.0-3.4.1.src.rpm python-backports-4.0.0-3.2.1.src.rpm python-configparser2-4.0.0-3.2.1.src.rpm python-pyrsistent-0.14.4-3.2.1.src.rpm python-six-1.14.0-12.1.src.rpm python-six-doc-1.14.0-12.1.noarch.rpm python-six-test-1.14.0-12.1.src.rpm python2-attrs-19.3.0-3.4.1.noarch.rpm python2-backports-4.0.0-3.2.1.noarch.rpm python2-configparser2-4.0.0-3.2.1.noarch.rpm python2-pyrsistent-0.14.4-3.2.1.x86_64.rpm python2-six-1.14.0-12.1.noarch.rpm python3-attrs-19.3.0-3.4.1.noarch.rpm python3-backports-4.0.0-3.2.1.noarch.rpm python3-configparser2-4.0.0-3.2.1.noarch.rpm python3-pyrsistent-0.14.4-3.2.1.x86_64.rpm python3-six-1.14.0-12.1.noarch.rpm python2-pyrsistent-0.14.4-3.2.1.s390x.rpm python3-pyrsistent-0.14.4-3.2.1.s390x.rpm python2-pyrsistent-0.14.4-3.2.1.ppc64le.rpm python3-pyrsistent-0.14.4-3.2.1.ppc64le.rpm python2-pyrsistent-0.14.4-3.2.1.aarch64.rpm python3-pyrsistent-0.14.4-3.2.1.aarch64.rpm openSUSE-SLE-15.4-2022-522 moderate SUSE Updates openSUSE-SLE 15.4 This update for fetchmail fixes the following issues: - Restore autoprobe functionality (bsc#1193894) fetchmail-6.4.22-20.26.1.src.rpm fetchmail-6.4.22-20.26.1.x86_64.rpm fetchmailconf-6.4.22-20.26.1.x86_64.rpm fetchmail-6.4.22-20.26.1.s390x.rpm fetchmailconf-6.4.22-20.26.1.s390x.rpm fetchmail-6.4.22-20.26.1.ppc64le.rpm fetchmailconf-6.4.22-20.26.1.ppc64le.rpm fetchmail-6.4.22-20.26.1.aarch64.rpm fetchmailconf-6.4.22-20.26.1.aarch64.rpm openSUSE-SLE-15.4-2022-817 moderate SUSE Updates openSUSE-SLE 15.4 This update for xstream fixes the following issues: - CVE-2021-43859: Fixed a denial of service when unmarshalling highly recursive collections or maps (bsc#1195458). xstream-1.4.19-3.18.2.noarch.rpm xstream-1.4.19-3.18.2.src.rpm xstream-benchmark-1.4.19-3.18.2.noarch.rpm xstream-javadoc-1.4.19-3.18.2.noarch.rpm xstream-parent-1.4.19-3.18.2.noarch.rpm openSUSE-SLE-15.4-2022-803 important SUSE Updates openSUSE-SLE 15.4 This update for python-lxml fixes the following issues: - CVE-2018-19787: Fixed XSS vulnerability via unescaped URL (bsc#1118088). - CVE-2021-28957: Fixed XSS vulnerability ia HTML5 attributes unescaped (bsc#1184177). - CVE-2021-43818: Fixed XSS vulnerability via script content in SVG images using data URIs (bnc#1193752). - CVE-2020-27783: Fixed mutation XSS with improper parser use (bnc#1179534). python-lxml-4.7.1-3.7.1.src.rpm python2-lxml-4.7.1-3.7.1.x86_64.rpm python2-lxml-devel-4.7.1-3.7.1.x86_64.rpm python3-lxml-4.7.1-3.7.1.x86_64.rpm python3-lxml-devel-4.7.1-3.7.1.x86_64.rpm python2-lxml-4.7.1-3.7.1.s390x.rpm python2-lxml-devel-4.7.1-3.7.1.s390x.rpm python3-lxml-4.7.1-3.7.1.s390x.rpm python3-lxml-devel-4.7.1-3.7.1.s390x.rpm python2-lxml-4.7.1-3.7.1.ppc64le.rpm python2-lxml-devel-4.7.1-3.7.1.ppc64le.rpm python3-lxml-4.7.1-3.7.1.ppc64le.rpm python3-lxml-devel-4.7.1-3.7.1.ppc64le.rpm python2-lxml-4.7.1-3.7.1.aarch64.rpm python2-lxml-devel-4.7.1-3.7.1.aarch64.rpm python3-lxml-4.7.1-3.7.1.aarch64.rpm python3-lxml-devel-4.7.1-3.7.1.aarch64.rpm openSUSE-SLE-15.4-2022-344 moderate SUSE Updates openSUSE-SLE 15.4 This update for obs-service-kiwi_metainfo_helper fixes the following issues: - Generate OS_VERSION based on os-release VERSION (bsc#1195061). - Add test suite obs-service-kiwi_metainfo_helper-0.5-1.15.1.noarch.rpm obs-service-kiwi_metainfo_helper-0.5-1.15.1.src.rpm openSUSE-SLE-15.4-2022-479 important SUSE Updates openSUSE-SLE 15.4 This update for virglrenderer fixes the following issues: - CVE-2022-0135: Fixed out-of-bonds write in read_transfer_data() (bsc#1195389). libvirglrenderer0-0.6.0-4.9.1.x86_64.rpm virglrenderer-0.6.0-4.9.1.src.rpm libvirglrenderer0-0.6.0-4.9.1.s390x.rpm libvirglrenderer0-0.6.0-4.9.1.ppc64le.rpm libvirglrenderer0-0.6.0-4.9.1.aarch64.rpm openSUSE-SLE-15.4-2022-519 moderate SUSE Updates openSUSE-SLE 15.4 This update for sysstat fixes the following issues: - Fix possible segfault (bsc#1194679). sysstat-12.0.2-3.33.1.src.rpm sysstat-12.0.2-3.33.1.x86_64.rpm sysstat-isag-12.0.2-3.33.1.x86_64.rpm sysstat-12.0.2-3.33.1.s390x.rpm sysstat-isag-12.0.2-3.33.1.s390x.rpm sysstat-12.0.2-3.33.1.ppc64le.rpm sysstat-isag-12.0.2-3.33.1.ppc64le.rpm sysstat-12.0.2-3.33.1.aarch64.rpm sysstat-isag-12.0.2-3.33.1.aarch64.rpm openSUSE-SLE-15.4-2022-595 moderate SUSE Updates openSUSE-SLE 15.4 This update fixes the following issues: ansible: - Require python macros for building mgr-cfg: - Version 4.2.6-1 * Do not build python 2 package for SLE15SP4 and higher - Version 4.2.5-1 * do not build python 2 package for SLE15 - Version 4.2.4-1 * Fix python selinux package name depending on build target (bsc#1193600) mgr-custom-info: - Version 4.2.3-1 * require python macros for building mgr-osad: - Version 4.2.7-1 * Do not build python 2 package for SLE15SP4 and higher * require python macros for building mgr-push: - Version 4.2.4-1 * Do not build python 2 package for SLE15SP4 and higher mgr-virtualization: - Version 4.2.3-1 * Do not build python 2 package for SLE15SP4 and higher * require python macros for building rhnlib: - Version 4.2.5-1 * do not build python 2 package for SLE15 spacecmd: - Version 4.2.15-1 * require python macros for building spacewalk-client-tools: - Version 4.2.16-1 * do not build python 2 package for SLE15 * require python macros for building spacewalk-koan: - Version 4.2.5-1 * Do not build python 2 package for SLE15SP4 and higher spacewalk-oscap: - Version 4.2.3-1 * Do not build python 2 package for SLE15SP4 and higher * require python macros for building spacewalk-remote-utils: - Version 4.2.2-1 * require python macros for building suseRegisterInfo: - Version 4.2.5-1 * require python macros for building * Do not build python 2 package for SLE15 and higher uyuni-common-libs: - Version 4.2.6-1 * Read modularity data from DISTTAG tag as fallback (bsc#1192487) * require python macros for building zypp-plugin-spacewalk: - 1.0.11 * require python macros for building ansible-2.9.21-1.10.1.noarch.rpm ansible-2.9.21-1.10.1.src.rpm ansible-doc-2.9.21-1.10.1.noarch.rpm ansible-test-2.9.21-1.10.1.noarch.rpm python2-rhnlib-4.2.5-3.31.1.noarch.rpm python3-rhnlib-4.2.5-3.31.1.noarch.rpm rhnlib-4.2.5-3.31.1.src.rpm spacecmd-4.2.15-3.74.1.noarch.rpm spacecmd-4.2.15-3.74.1.src.rpm openSUSE-SLE-15.4-2022-652 moderate SUSE Updates openSUSE-SLE 15.4 This update for raspberrypi-eeprom fixes the following issues: Update to version 2021.04.29 (bsc#1194950) - Use upstream version schema (year.month.day) instead of arbitrary 0.0 - Add support for NVMe to the bootloader with a new NVMe boot mode - Add support for [cm4] and [pi400] config conditionals filters - TFTP - reply to duplicate ACKS - Skip rendering of HDMI diagnostics display for the first 8 seconds unless an error occurs - Add support for the BCM2711 XHCI controller - BOOT_ORDER 0x5 - Add XHCI protocol layer fixes for non-VLI controllers - Avoid USB MSD timeout of there is only one device - Fix recovery.bin error handler so that the LED error pattern is still displayed even if HDMI or SDRAM fail - Fix GPIO expander reset issue on some Pi4B 1.1 to 1.3 boards - Fix regression for GPIO expander reset change which caused PMIC reset to get card out of 1V8 mode to be missed - Timeout USB MSD commands and move to the next boot mode if a device stops responding - Add support for booting from the BCM2711 XHCI controller which is the USB-C socket on Pi 4B / Pi 400 and the type A sockets on Compute Module 4 IO board - Validate SDRAM in recovery mode raspberrypi-eeprom-2021.04.29-150300.3.3.1.noarch.rpm raspberrypi-eeprom-2021.04.29-150300.3.3.1.src.rpm raspberrypi-eeprom-firmware-2021.04.29-150300.3.3.1.noarch.rpm openSUSE-SLE-15.4-2022-525 moderate SUSE Updates openSUSE-SLE 15.4 This update for polkit fixes the following issues: - CVE-2021-4115: Fixed a denial of service via file descriptor leak (bsc#1195542). libpolkit0-0.116-3.9.1.x86_64.rpm libpolkit0-32bit-0.116-3.9.1.x86_64.rpm polkit-0.116-3.9.1.src.rpm polkit-0.116-3.9.1.x86_64.rpm polkit-devel-0.116-3.9.1.x86_64.rpm polkit-doc-0.116-3.9.1.noarch.rpm typelib-1_0-Polkit-1_0-0.116-3.9.1.x86_64.rpm libpolkit0-0.116-3.9.1.s390x.rpm polkit-0.116-3.9.1.s390x.rpm polkit-devel-0.116-3.9.1.s390x.rpm typelib-1_0-Polkit-1_0-0.116-3.9.1.s390x.rpm libpolkit0-0.116-3.9.1.ppc64le.rpm polkit-0.116-3.9.1.ppc64le.rpm polkit-devel-0.116-3.9.1.ppc64le.rpm typelib-1_0-Polkit-1_0-0.116-3.9.1.ppc64le.rpm libpolkit0-0.116-3.9.1.aarch64.rpm polkit-0.116-3.9.1.aarch64.rpm polkit-devel-0.116-3.9.1.aarch64.rpm typelib-1_0-Polkit-1_0-0.116-3.9.1.aarch64.rpm openSUSE-SLE-15.4-2022-675 moderate SUSE Updates openSUSE-SLE 15.4 This update for ldns fixes the following issues: - CVE-2020-19860: Fixed heap-based out of bounds read when verifying a zone file (bsc#1195057). - CVE-2020-19861: Fixed heap-based out of bounds read in ldns_nsec3_salt_data() (bsc#1195058). ldns-1.7.0-4.6.1.src.rpm ldns-1.7.0-4.6.1.x86_64.rpm ldns-devel-1.7.0-4.6.1.x86_64.rpm libldns2-1.7.0-4.6.1.x86_64.rpm perl-DNS-LDNS-1.7.0-4.6.1.x86_64.rpm python3-ldns-1.7.0-4.6.1.x86_64.rpm ldns-1.7.0-4.6.1.s390x.rpm ldns-devel-1.7.0-4.6.1.s390x.rpm libldns2-1.7.0-4.6.1.s390x.rpm perl-DNS-LDNS-1.7.0-4.6.1.s390x.rpm python3-ldns-1.7.0-4.6.1.s390x.rpm ldns-1.7.0-4.6.1.ppc64le.rpm ldns-devel-1.7.0-4.6.1.ppc64le.rpm libldns2-1.7.0-4.6.1.ppc64le.rpm perl-DNS-LDNS-1.7.0-4.6.1.ppc64le.rpm python3-ldns-1.7.0-4.6.1.ppc64le.rpm ldns-1.7.0-4.6.1.aarch64.rpm ldns-devel-1.7.0-4.6.1.aarch64.rpm libldns2-1.7.0-4.6.1.aarch64.rpm perl-DNS-LDNS-1.7.0-4.6.1.aarch64.rpm python3-ldns-1.7.0-4.6.1.aarch64.rpm openSUSE-SLE-15.4-2022-370 critical SUSE Updates openSUSE-SLE 15.4 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-0435: Fixed remote stack overflow in net/tipc module that validate domain record count on input (bsc#1195254). - CVE-2022-0330: Fixed flush TLBs before releasing backing store (bsc#1194880). - CVE-2022-0286: Fixed null pointer dereference in bond_ipsec_add_sa() that may have lead to local denial of service (bnc#1195371). - CVE-2022-22942: Fixed stale file descriptors on failed usercopy (bsc#1195065). - CVE-2021-45095: Fixed refcount leak in pep_sock_accept in net/phonet/pep.c (bnc#1193867). - CVE-2021-44733: Fixed a use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem, that could have occured because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object (bnc#1193767). - CVE-2021-39685: Fixed USB gadget buffer overflow caused by too large endpoint 0 requests (bsc#1193802). - CVE-2021-39657: Fixed out of bounds read due to a missing bounds check in ufshcd_eh_device_reset_handler of ufshcd.c. This could lead to local information disclosure with System execution privileges needed (bnc#1193864). - CVE-2021-39648: Fixed possible disclosure of kernel heap memory due to a race condition in gadget_dev_desc_UDC_show of configfs.c. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation (bnc#1193861). - CVE-2021-22600: Fixed double free bug in packet_set_ring() in net/packet/af_packet.c that could have been exploited by a local user through crafted syscalls to escalate privileges or deny service (bnc#1195184). - CVE-2020-28097: Fixed out-of-bounds read in vgacon subsystem that mishandled software scrollback (bnc#1187723). The following non-security bugs were fixed: - ACPI: battery: Add the ThinkPad "Not Charging" quirk (git-fixes). - ACPICA: Executer: Fix the REFCLASS_REFOF case in acpi_ex_opcode_1A_0T_1R() (git-fixes). - ACPICA: Fix wrong interpretation of PCC address (git-fixes). - ACPICA: Hardware: Do not flush CPU cache when entering S4 and S5 (git-fixes). - ACPICA: Utilities: Avoid deleting the same object twice in a row (git-fixes). - ACPICA: actypes.h: Expand the ACPI_ACCESS_ definitions (git-fixes). - ALSA: seq: Set upper limit of processed events (git-fixes). - ALSA: usb-audio: Correct quirk for VF0770 (git-fixes). - ALSA: usb-audio: initialize variables that could ignore errors (git-fixes). - ASoC: cpcap: Check for NULL pointer after calling of_get_child_by_name (git-fixes). - ASoC: fsl: Add missing error handling in pcm030_fabric_probe (git-fixes). - ASoC: max9759: fix underflow in speaker_gain_control_put() (git-fixes). - ASoC: mediatek: mt8173: fix device_node leak (git-fixes). - ASoC: xilinx: xlnx_formatter_pcm: Make buffer bytes multiple of period bytes (git-fixes). - Bluetooth: Fix debugfs entry leak in hci_register_dev() (git-fixes). - Bluetooth: refactor malicious adv data check (git-fixes). - Documentation: fix firewire.rst ABI file path error (git-fixes). - HID: apple: Do not reset quirks when the Fn key is not found (git-fixes). - HID: quirks: Allow inverting the absolute X/Y values (git-fixes). - HID: uhid: Fix worker destroying device without any protection (git-fixes). - HID: wacom: Reset expected and received contact counts at the same time (git-fixes). - IB/cm: Avoid a loop when device has 255 ports (git-fixes) - IB/hfi1: Fix error return code in parse_platform_config() (git-fixes) - IB/hfi1: Use kzalloc() for mmu_rb_handler allocation (git-fixes) - IB/isert: Fix a use after free in isert_connect_request (git-fixes) - IB/mlx4: Separate tunnel and wire bufs parameters (git-fixes) - IB/mlx5: Add missing error code (git-fixes) - IB/mlx5: Add mutex destroy call to cap_mask_mutex mutex (git-fixes) - IB/mlx5: Fix error unwinding when set_has_smi_cap fails (git-fixes) - IB/mlx5: Return appropriate error code instead of ENOMEM (git-fixes) - IB/umad: Return EIO in case of when device disassociated (git-fixes) - IB/umad: Return EPOLLERR in case of when device disassociated (git-fixes) - Input: wm97xx: Simplify resource management (git-fixes). - NFS: Ensure the server had an up to date ctime before renaming (git-fixes). - NFSv4: Handle case where the lookup of a directory fails (git-fixes). - NFSv4: nfs_atomic_open() can race when looking up a non-regular file (git-fixes). - PCI: Add function 1 DMA alias quirk for Marvell 88SE9125 SATA controller (git-fixes). - PM: wakeup: simplify the output logic of pm_show_wakelocks() (git-fixes). - RDMA/addr: Be strict with gid size (git-fixes) - RDMA/bnxt_re: Fix a double free in bnxt_qplib_alloc_res (git-fixes) - RDMA/bnxt_re: Fix error return code in bnxt_qplib_cq_process_terminal() (git-fixes) - RDMA/bnxt_re: Set queue pair state when being queried (git-fixes) - RDMA/cm: Fix an attempt to use non-valid pointer when cleaning timewait (git-fixes) - RDMA/core: Clean up cq pool mechanism (jsc#SLE-15176). - RDMA/core: Do not access cm_id after its destruction (git-fixes) - RDMA/core: Do not indicate device ready when device enablement fails (git-fixes) - RDMA/core: Fix corrupted SL on passive side (git-fixes) - RDMA/core: Unify RoCE check and re-factor code (git-fixes) - RDMA/cxgb4: Fix adapter LE hash errors while destroying ipv6 listening server (git-fixes) - RDMA/cxgb4: Fix the reported max_recv_sge value (git-fixes) - RDMA/cxgb4: Validate the number of CQEs (git-fixes) - RDMA/cxgb4: add missing qpid increment (git-fixes) - RDMA/hns: Add a check for current state before modifying QP (git-fixes) - RDMA/hns: Remove the portn field in UD SQ WQE (git-fixes) - RDMA/hns: Remove unnecessary access right set during INIT2INIT (git-fixes) - RDMA/i40iw: Address an mmap handler exploit in i40iw (git-fixes) - RDMA/i40iw: Fix error unwinding when i40iw_hmc_sd_one fails (git-fixes) - RDMA/mlx5: Fix corruption of reg_pages in mlx5_ib_rereg_user_mr() (git-fixes) - RDMA/mlx5: Fix potential race between destroy and CQE poll (git-fixes) - RDMA/mlx5: Fix query DCT via DEVX (git-fixes) - RDMA/mlx5: Fix type warning of sizeof in __mlx5_ib_alloc_counters() (git-fixes) - RDMA/mlx5: Fix wrong free of blue flame register on error (git-fixes) - RDMA/mlx5: Issue FW command to destroy SRQ on reentry (git-fixes) - RDMA/mlx5: Recover from fatal event in dual port mode (git-fixes) - RDMA/mlx5: Use the correct obj_id upon DEVX TIR creation (git-fixes) - RDMA/ocrdma: Fix use after free in ocrdma_dealloc_ucontext_pd() (git-fixes) - RDMA/rxe: Clear all QP fields if creation failed (git-fixes) - RDMA/rxe: Compute PSN windows correctly (git-fixes) - RDMA/rxe: Correct skb on loopback path (git-fixes) - RDMA/rxe: Fix coding error in rxe_rcv_mcast_pkt (git-fixes) - RDMA/rxe: Fix coding error in rxe_recv.c (git-fixes) - RDMA/rxe: Fix missing kconfig dependency on CRYPTO (git-fixes) - RDMA/rxe: Remove the unnecessary variable (jsc#SLE-15176). - RDMA/rxe: Remove useless code in rxe_recv.c (git-fixes) - RDMA/siw: Fix a use after free in siw_alloc_mr (git-fixes) - RDMA/siw: Fix calculation of tx_valid_cpus size (git-fixes) - RDMA/siw: Fix handling of zero-sized Read and Receive Queues. (git-fixes) - RDMA/siw: Properly check send and receive CQ pointers (git-fixes) - RDMA/usnic: Fix memleak in find_free_vf_and_create_qp_grp (git-fixes) - RDMA/uverbs: Fix a NULL vs IS_ERR() bug (git-fixes) - RDMA/uverbs: Tidy input validation of ib_uverbs_rereg_mr() (git-fixes) - RMDA/sw: Do not allow drivers using dma_virt_ops on highmem configs (git-fixes) - USB: core: Fix hang in usb_kill_urb by adding memory barriers (git-fixes). - USB: serial: mos7840: fix probe error handling (git-fixes). - ar5523: Fix null-ptr-deref with unexpected WDCMSG_TARGET_START reply (git-fixes). - arm64: Kconfig: add a choice for endianness (jsc#SLE-23432). - asix: fix wrong return value in asix_check_host_enable() (git-fixes). - ata: pata_platform: Fix a NULL pointer dereference in __pata_platform_probe() (git-fixes). - ath10k: Fix tx hanging (git-fixes). - ath9k: Fix out-of-bound memcpy in ath9k_hif_usb_rx_stream (git-fixes). - batman-adv: allow netlink usage in unprivileged containers (git-fixes). - blk-cgroup: fix missing put device in error path from blkg_conf_pref() (bsc#1195481). - blk-mq: introduce blk_mq_set_request_complete (git-fixes). - bpf: Verifer, adjust_scalar_min_max_vals to always call update_reg_bounds() (bsc#1194227). - btrfs: tree-checker: Add EXTENT_ITEM and METADATA_ITEM check (bsc#1195009). - btrfs: tree-checker: annotate all error branches as unlikely (bsc#1195009). - btrfs: tree-checker: check for BTRFS_BLOCK_FLAG_FULL_BACKREF being set improperly (bsc#1195009). - cgroup/cpuset: Fix a partition bug with hotplug (bsc#1194291). - clk: si5341: Fix clock HW provider cleanup (git-fixes). - crypto: qat - fix undetected PFVF timeout in ACK loop (git-fixes). - dma-buf: heaps: Fix potential spectre v1 gadget (git-fixes). - drm/amdgpu: fixup bad vram size on gmc v8 (git-fixes). - drm/bridge: megachips: Ensure both bridges are probed before registration (git-fixes). - drm/etnaviv: limit submit sizes (git-fixes). - drm/etnaviv: relax submit size limits (git-fixes). - drm/i915/overlay: Prevent divide by zero bugs in scaling (git-fixes). - drm/lima: fix warning when CONFIG_DEBUG_SG=y & CONFIG_DMA_API_DEBUG=y (git-fixes). - drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc (git-fixes). - drm/msm/dsi: Fix missing put_device() call in dsi_get_phy (git-fixes). - drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable (git-fixes). - drm/msm/hdmi: Fix missing put_device() call in msm_hdmi_get_phy (git-fixes). - drm/msm: Fix wrong size calculation (git-fixes). - drm/nouveau/kms/nv04: use vzalloc for nv04_display (git-fixes). - drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR (git-fixes). - drm/nouveau: fix off by one in BIOS boundary checking (git-fixes). - drm: panel-orientation-quirks: Add quirk for the Lenovo Yoga Book X91F/L (git-fixes). - ext4: fix an use-after-free issue about data=journal writeback mode (bsc#1195482). - ext4: make sure quota gets properly shutdown on error (bsc#1195480). - ext4: set csum seed in tmp inode while migrating to extents (bsc#1195267). - floppy: Add max size check for user space request (git-fixes). - fsnotify: fix fsnotify hooks in pseudo filesystems (bsc#1195479). - fsnotify: invalidate dcache before IN_DELETE event (bsc#1195478). - gpio: aspeed: Convert aspeed_gpio.lock to raw_spinlock (git-fixes). - gpiolib: acpi: Do not set the IRQ type if the IRQ is already in use (git-fixes). - hv_netvsc: Set needed_headroom according to VF (bsc#1193506). - hwmom: (lm90) Fix citical alarm status for MAX6680/MAX6681 (git-fixes). - hwmon: (lm90) Mark alert as broken for MAX6646/6647/6649 (git-fixes). - hwmon: (lm90) Mark alert as broken for MAX6654 (git-fixes). - hwmon: (lm90) Mark alert as broken for MAX6680 (git-fixes). - hwmon: (lm90) Reduce maximum conversion rate for G781 (git-fixes). - i2c: designware-pci: Fix to change data types of hcnt and lcnt parameters (git-fixes). - i2c: i801: Do not silently correct invalid transfer size (git-fixes). - i2c: mpc: Correct I2C reset procedure (git-fixes). - i40iw: Add support to make destroy QP synchronous (git-fixes) - ibmvnic: Allow extra failures before disabling (bsc#1195073 ltc#195713). - ibmvnic: Update driver return codes (bsc#1195293 ltc#196198). - ibmvnic: do not spin in tasklet (bsc#1195073 ltc#195713). - ibmvnic: init ->running_cap_crqs early (bsc#1195073 ltc#195713). - ibmvnic: remove unused ->wait_capability (bsc#1195073 ltc#195713). - ibmvnic: remove unused defines (bsc#1195293 ltc#196198). - igc: Fix TX timestamp support for non-MSI-X platforms (bsc#1160634). - iwlwifi: fix leaks/bad data after failed firmware load (git-fixes). - iwlwifi: mvm: Fix calculation of frame length (git-fixes). - iwlwifi: mvm: Increase the scan timeout guard to 30 seconds (git-fixes). - iwlwifi: mvm: synchronize with FW after multicast commands (git-fixes). - iwlwifi: remove module loading failure message (git-fixes). - lib82596: Fix IRQ check in sni_82596_probe (git-fixes). - lightnvm: Remove lightnvm implemenation (bsc#1191881). - mac80211: allow non-standard VHT MCS-10/11 (git-fixes). - media: b2c2: Add missing check in flexcop_pci_isr: (git-fixes). - media: coda/imx-vdoa: Handle dma_set_coherent_mask error codes (git-fixes). - media: igorplugusb: receiver overflow should be reported (git-fixes). - media: m920x: do not use stack on USB reads (git-fixes). - media: saa7146: hexium_gemini: Fix a NULL pointer dereference in hexium_attach() (git-fixes). - media: saa7146: hexium_orion: Fix a NULL pointer dereference in hexium_attach() (git-fixes). - media: uvcvideo: Increase UVC_CTRL_CONTROL_TIMEOUT to 5 seconds (git-fixes). - mlxsw: Only advertise link modes supported by both driver and device (bsc#1154488). - mmc: core: Fixup storing of OCR for MMC_QUIRK_NONSTD_SDIO (git-fixes). - mtd: nand: bbt: Fix corner case in bad block table handling (git-fixes). - mtd: rawnand: gpmi: Add ERR007117 protection for nfc_apply_timings (git-fixes). - mtd: rawnand: gpmi: Remove explicit default gpmi clock setting for i.MX6 (git-fixes). - net, xdp: Introduce xdp_init_buff utility routine (bsc#1193506). - net, xdp: Introduce xdp_prepare_buff utility routine (bsc#1193506). - net/mlx5: DR, Proper handling of unsupported Connect-X6DX SW steering (jsc#SLE-8464). - net/mlx5: E-Switch, fix changing vf VLANID (jsc#SLE-15172). - net/mlx5e: Protect encap route dev from concurrent release (jsc#SLE-8464). - net: allow retransmitting a TCP packet if original is still in queue (bsc#1188605 bsc#1187428). - net: bonding: fix bond_xmit_broadcast return value error bug (bsc#1176447). - net: bridge: vlan: fix memory leak in __allowed_ingress (bsc#1176447). - net: bridge: vlan: fix single net device option dumping (bsc#1176447). - net: mana: Add RX fencing (bsc#1193506). - net: mana: Add XDP support (bsc#1193506). - net: sch_generic: aviod concurrent reset and enqueue op for lockless qdisc (bsc#1183405). - net: sched: add barrier to ensure correct ordering for lockless qdisc (bsc#1183405). - net: sched: avoid unnecessary seqcount operation for lockless qdisc (bsc#1183405). - net: sched: fix packet stuck problem for lockless qdisc (bsc#1183405). - net: sched: fix tx action reschedule issue with stopped queue (bsc#1183405). - net: sched: fix tx action rescheduling issue during deactivation (bsc#1183405). - net: sched: replaced invalid qdisc tree flush helper in qdisc_replace (bsc#1183405). - net: sfp: fix high power modules without diagnostic monitoring (bsc#1154353). - netdevsim: set .owner to THIS_MODULE (bsc#1154353). - nfc: llcp: fix NULL error pointer dereference on sendmsg() after failed bind() (git-fixes). - nvme-core: use list_add_tail_rcu instead of list_add_tail for nvme_init_ns_head (git-fixes). - nvme-fabrics: avoid double completions in nvmf_fail_nonready_command (git-fixes). - nvme-fabrics: ignore invalid fast_io_fail_tmo values (git-fixes). - nvme-fabrics: remove superfluous nvmf_host_put in nvmf_parse_options (git-fixes). - nvme-tcp: fix data digest pointer calculation (git-fixes). - nvme-tcp: fix incorrect h2cdata pdu offset accounting (git-fixes). - nvme-tcp: fix memory leak when freeing a queue (git-fixes). - nvme-tcp: fix possible use-after-completion (git-fixes). - nvme-tcp: validate R2T PDU in nvme_tcp_handle_r2t() (git-fixes). - nvme: add 'iopolicy' module parameter (bsc#1177599 bsc#1193096). - nvme: fix use after free when disconnecting a reconnecting ctrl (git-fixes). - nvme: introduce a nvme_host_path_error helper (git-fixes). - nvme: refactor ns->ctrl by request (git-fixes). - phy: uniphier-usb3ss: fix unintended writing zeros to PHY register (git-fixes). - phylib: fix potential use-after-free (git-fixes). - pinctrl: bcm2835: Add support for wake-up interrupts (git-fixes). - pinctrl: bcm2835: Match BCM7211 compatible string (git-fixes). - pinctrl: intel: Fix a glitch when updating IRQ flags on a preconfigured line (git-fixes). - pinctrl: intel: fix unexpected interrupt (git-fixes). - powerpc/book3s64/radix: make tlb_single_page_flush_ceiling a debugfs entry (bsc#1195183 ltc#193865). - powerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending (bsc#1156395). - regulator: qcom_smd: Align probe function with rpmh-regulator (git-fixes). - rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev (git-fixes). - rpmsg: char: Fix race between the release of rpmsg_eptdev and cdev (git-fixes). - rsi: Fix use-after-free in rsi_rx_done_handler() (git-fixes). - sched/fair: Fix detection of per-CPU kthreads waking a task (git fixes (sched/fair)). - sched/numa: Fix is_core_idle() (git fixes (sched/numa)). - scripts/dtc: dtx_diff: remove broken example from help text (git-fixes). - scripts/dtc: only append to HOST_EXTRACFLAGS instead of overwriting (git-fixes). - serial: 8250: of: Fix mapped region size when using reg-offset property (git-fixes). - serial: Fix incorrect rs485 polarity on uart open (git-fixes). - serial: amba-pl011: do not request memory region twice (git-fixes). - serial: core: Keep mctrl register state and cached copy in sync (git-fixes). - serial: pl010: Drop CR register reset on set_termios (git-fixes). - serial: stm32: fix software flow control transfer (git-fixes). - spi: bcm-qspi: check for valid cs before applying chip select (git-fixes). - spi: mediatek: Avoid NULL pointer crash in interrupt (git-fixes). - spi: meson-spicc: add IRQ check in meson_spicc_probe (git-fixes). - supported.conf: mark rtw88 modules as supported (jsc#SLE-22690) - tty: Add support for Brainboxes UC cards (git-fixes). - tty: n_gsm: fix SW flow control encoding/handling (git-fixes). - ucsi_ccg: Check DEV_INT bit only when starting CCG4 (git-fixes). - udf: Fix NULL ptr deref when converting from inline format (bsc#1195476). - udf: Restore i_lenAlloc when inode expansion fails (bsc#1195477). - usb-storage: Add unusual-devs entry for VL817 USB-SATA bridge (git-fixes). - usb: common: ulpi: Fix crash in ulpi_match() (git-fixes). - usb: gadget: f_fs: Use stream_open() for endpoint files (git-fixes). - usb: gadget: f_sourcesink: Fix isoc transfer for USB_SPEED_SUPER_PLUS (git-fixes). - usb: hub: Add delay for SuperSpeed hub resume to let links transit to U0 (git-fixes). - usb: roles: fix include/linux/usb/role.h compile issue (git-fixes). - usb: typec: tcpm: Do not disconnect while receiving VBUS off (git-fixes). - usb: uhci: add aspeed ast2600 uhci support (git-fixes). - vfio/iommu_type1: replace kfree with kvfree (git-fixes). - video: hyperv_fb: Fix validation of screen resolution (git-fixes). - vxlan: fix error return code in __vxlan_dev_create() (bsc#1154353). - workqueue: Fix unbind_workers() VS wq_worker_running() race (bsc#1195062). - x86/gpu: Reserve stolen memory for first integrated Intel GPU (git-fixes). - xfrm: fix MTU regression (bsc#1185377, bsc#1194048). - xhci-pci: Allow host runtime PM as default for Intel Alpine Ridge LP (git-fixes). cluster-md-kmp-preempt-5.3.18-150300.59.49.1.x86_64.rpm True dlm-kmp-preempt-5.3.18-150300.59.49.1.x86_64.rpm True gfs2-kmp-preempt-5.3.18-150300.59.49.1.x86_64.rpm True kernel-preempt-5.3.18-150300.59.49.1.nosrc.rpm True kernel-preempt-5.3.18-150300.59.49.1.x86_64.rpm True kernel-preempt-devel-5.3.18-150300.59.49.1.x86_64.rpm True kernel-preempt-extra-5.3.18-150300.59.49.1.x86_64.rpm True kernel-preempt-livepatch-devel-5.3.18-150300.59.49.1.x86_64.rpm True kernel-preempt-optional-5.3.18-150300.59.49.1.x86_64.rpm True kselftests-kmp-preempt-5.3.18-150300.59.49.1.x86_64.rpm True ocfs2-kmp-preempt-5.3.18-150300.59.49.1.x86_64.rpm True reiserfs-kmp-preempt-5.3.18-150300.59.49.1.x86_64.rpm True cluster-md-kmp-preempt-5.3.18-150300.59.49.1.aarch64.rpm True dlm-kmp-preempt-5.3.18-150300.59.49.1.aarch64.rpm True dtb-aarch64-5.3.18-150300.59.49.1.src.rpm True dtb-al-5.3.18-150300.59.49.1.aarch64.rpm True dtb-zte-5.3.18-150300.59.49.1.aarch64.rpm True gfs2-kmp-preempt-5.3.18-150300.59.49.1.aarch64.rpm True kernel-preempt-5.3.18-150300.59.49.1.aarch64.rpm True kernel-preempt-devel-5.3.18-150300.59.49.1.aarch64.rpm True kernel-preempt-extra-5.3.18-150300.59.49.1.aarch64.rpm True kernel-preempt-livepatch-devel-5.3.18-150300.59.49.1.aarch64.rpm True kernel-preempt-optional-5.3.18-150300.59.49.1.aarch64.rpm True kselftests-kmp-preempt-5.3.18-150300.59.49.1.aarch64.rpm True ocfs2-kmp-preempt-5.3.18-150300.59.49.1.aarch64.rpm True reiserfs-kmp-preempt-5.3.18-150300.59.49.1.aarch64.rpm True openSUSE-SLE-15.4-2022-539 moderate SUSE Updates openSUSE-SLE 15.4 This update for systemd fixes the following issues: - CVE-2021-3997: Fixed an uncontrolled recursion in systemd's systemd-tmpfiles (bsc#1194178). The following non-security bugs were fixed: - udev/net_id: don't generate slot based names if multiple devices might claim the same slot (bsc#1192637) - localectl: don't omit keymaps files that are symlinks (bsc#1191826) systemd-246.16-150300.7.39.1.src.rpm systemd-logger-246.16-150300.7.39.1.x86_64.rpm systemd-logger-246.16-150300.7.39.1.s390x.rpm systemd-logger-246.16-150300.7.39.1.ppc64le.rpm systemd-logger-246.16-150300.7.39.1.aarch64.rpm openSUSE-SLE-15.4-2022-540 moderate SUSE Updates openSUSE-SLE 15.4 This update for ImageMagick fixes the following issues: - CVE-2022-0284: Fixed heap buffer overread in GetPixelAlpha() in MagickCore/pixel-accessor.h (bsc#1195563). ImageMagick-7.0.7.34-10.21.1.src.rpm libMagick++-7_Q16HDRI4-32bit-7.0.7.34-10.21.1.x86_64.rpm libMagick++-7_Q16HDRI4-7.0.7.34-10.21.1.x86_64.rpm libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-10.21.1.x86_64.rpm libMagickCore-7_Q16HDRI6-7.0.7.34-10.21.1.x86_64.rpm libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-10.21.1.x86_64.rpm libMagickWand-7_Q16HDRI6-7.0.7.34-10.21.1.x86_64.rpm libMagick++-7_Q16HDRI4-7.0.7.34-10.21.1.s390x.rpm libMagickCore-7_Q16HDRI6-7.0.7.34-10.21.1.s390x.rpm libMagickWand-7_Q16HDRI6-7.0.7.34-10.21.1.s390x.rpm libMagick++-7_Q16HDRI4-7.0.7.34-10.21.1.ppc64le.rpm libMagickCore-7_Q16HDRI6-7.0.7.34-10.21.1.ppc64le.rpm libMagickWand-7_Q16HDRI6-7.0.7.34-10.21.1.ppc64le.rpm libMagick++-7_Q16HDRI4-7.0.7.34-10.21.1.aarch64.rpm libMagickCore-7_Q16HDRI6-7.0.7.34-10.21.1.aarch64.rpm libMagickWand-7_Q16HDRI6-7.0.7.34-10.21.1.aarch64.rpm openSUSE-SLE-15.4-2022-373 moderate SUSE Updates openSUSE-SLE 15.4 This update for rpmlint fixes the following issues: - Whitelisting `kdenetwork-filesharing`. (bsc#1195548) - Whitelisting of `powerdevil5`. (bsc#1195662) - Whitelisting of `plasma5-disks`. (bsc#1195491) rpmlint-1.10-7.38.1.noarch.rpm rpmlint-1.10-7.38.1.src.rpm openSUSE-SLE-15.4-2022-384 moderate SUSE Updates openSUSE-SLE 15.4 This update for python-python-docs-theme fixes the following issues: - Switch to setup.py based installation for compatibility with old SLE distros. - Update to 2022.1: - Add a configuration for license URL. - Exclude the floating navbar from CHM help. - Make sidebar scrollable and sticky (on modern browsers) - Fix monospace again, on buggy Google Chrome - Add the copyright_url variable in the theme - Improve readability - Remove #searchbox on mobile to fix a layout bug - Fix the appearance of version/language selects - Make the theme responsive - Use default pygments theme - Test Github action to validate the theme against docsbuild scripts. - Add the copy button to pycon3 highlighted code blocks. - Updated the readme, to remind user to install the package in a virtual environment. - Updated the package url, using the GitHub repository instead of docs.python.org - Added license information to the footer of the doc - Fixed typo in the footer - Added information on how to use the package - Fixed code formatting - Fixed code bgcolor and codetextcolor for Sphinx 3.1.0+ python-python-docs-theme-2022.1-150300.3.3.1.src.rpm python3-python-docs-theme-2022.1-150300.3.3.1.noarch.rpm openSUSE-SLE-15.4-2022-716 important SUSE Updates openSUSE-SLE 15.4 This update for wpa_supplicant fixes the following issues: - CVE-2022-23303: Fixed side-channel attacks in SAE (bsc#1194732). - CVE-2022-23304: Fixed side-channel attacks in EAP-pwd (bsc#1194733). wpa_supplicant-2.9-4.33.1.src.rpm wpa_supplicant-2.9-4.33.1.x86_64.rpm wpa_supplicant-gui-2.9-4.33.1.x86_64.rpm wpa_supplicant-2.9-4.33.1.s390x.rpm wpa_supplicant-gui-2.9-4.33.1.s390x.rpm wpa_supplicant-2.9-4.33.1.ppc64le.rpm wpa_supplicant-gui-2.9-4.33.1.ppc64le.rpm wpa_supplicant-2.9-4.33.1.aarch64.rpm wpa_supplicant-gui-2.9-4.33.1.aarch64.rpm openSUSE-SLE-15.4-2022-696 important SUSE Updates openSUSE-SLE 15.4 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.0 ESR / MFSA 2022-05 (bsc#1195682) - CVE-2022-22753: Privilege Escalation to SYSTEM on Windows via Maintenance Service - CVE-2022-22754: Extensions could have bypassed permission confirmation during update - CVE-2022-22756: Drag and dropping an image could have resulted in the dropped object being an executable - CVE-2022-22759: Sandboxed iframes could have executed script if the parent appended elements - CVE-2022-22760: Cross-Origin responses could be distinguished between script and non-script content-types - CVE-2022-22761: frame-ancestors Content Security Policy directive was not enforced for framed extension pages - CVE-2022-22763: Script Execution during invalid object state - CVE-2022-22764: Memory safety bugs fixed in Firefox 97 and Firefox ESR 91.6 Firefox Extended Support Release 91.5.1 ESR (bsc#1195230) - Fixed an issue that allowed unexpected data to be submitted in some of our search telemetry MozillaFirefox-91.6.0-152.15.1.src.rpm MozillaFirefox-91.6.0-152.15.1.x86_64.rpm MozillaFirefox-branding-upstream-91.6.0-152.15.1.x86_64.rpm MozillaFirefox-devel-91.6.0-152.15.1.x86_64.rpm MozillaFirefox-translations-common-91.6.0-152.15.1.x86_64.rpm MozillaFirefox-translations-other-91.6.0-152.15.1.x86_64.rpm MozillaFirefox-91.6.0-152.15.1.s390x.rpm MozillaFirefox-branding-upstream-91.6.0-152.15.1.s390x.rpm MozillaFirefox-devel-91.6.0-152.15.1.s390x.rpm MozillaFirefox-translations-common-91.6.0-152.15.1.s390x.rpm MozillaFirefox-translations-other-91.6.0-152.15.1.s390x.rpm MozillaFirefox-91.6.0-152.15.1.ppc64le.rpm MozillaFirefox-branding-upstream-91.6.0-152.15.1.ppc64le.rpm MozillaFirefox-devel-91.6.0-152.15.1.ppc64le.rpm MozillaFirefox-translations-common-91.6.0-152.15.1.ppc64le.rpm MozillaFirefox-translations-other-91.6.0-152.15.1.ppc64le.rpm MozillaFirefox-91.6.0-152.15.1.aarch64.rpm MozillaFirefox-branding-upstream-91.6.0-152.15.1.aarch64.rpm MozillaFirefox-devel-91.6.0-152.15.1.aarch64.rpm MozillaFirefox-translations-common-91.6.0-152.15.1.aarch64.rpm MozillaFirefox-translations-other-91.6.0-152.15.1.aarch64.rpm openSUSE-SLE-15.4-2022-718 moderate SUSE Updates openSUSE-SLE 15.4 This feature update for duperemove fixes the following issue: Update from version 0.11.beta4 to version 0.11.3 (jsc#SLE-11306) - Increase open file limit. - Create hash database file with 600 permission for improved security. - Read more data per pread, for v2 hashfile format this reduces the overall number of syscalls made which in turns results in better performance. - Fix truncated file handling, eliminating a an infinite loop case. btrfs-extent-same-0.11.3-3.3.1.x86_64.rpm duperemove-0.11.3-3.3.1.src.rpm duperemove-0.11.3-3.3.1.x86_64.rpm btrfs-extent-same-0.11.3-3.3.1.s390x.rpm duperemove-0.11.3-3.3.1.s390x.rpm btrfs-extent-same-0.11.3-3.3.1.ppc64le.rpm duperemove-0.11.3-3.3.1.ppc64le.rpm btrfs-extent-same-0.11.3-3.3.1.aarch64.rpm duperemove-0.11.3-3.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-692 moderate SUSE Updates openSUSE-SLE 15.4 This update for filesystem fixes the following issues: - Release ported filesystem to LTSS channels (bsc#1190447). filesystem-15.0-11.5.1.src.rpm filesystem-15.0-11.5.1.x86_64.rpm filesystem-15.0-11.5.1.s390x.rpm filesystem-15.0-11.5.1.ppc64le.rpm filesystem-15.0-11.5.1.aarch64.rpm openSUSE-SLE-15.4-2022-503 important SUSE Updates openSUSE-SLE 15.4 This update for xerces-j2 fixes the following issues: - CVE-2022-23437: Fixed infinite loop within Apache XercesJ xml parser (bsc#1195108). xerces-j2-2.12.0-3.3.1.noarch.rpm xerces-j2-2.12.0-3.3.1.src.rpm xerces-j2-demo-2.12.0-3.3.1.noarch.rpm xerces-j2-javadoc-2.12.0-3.3.1.noarch.rpm openSUSE-SLE-15.4-2022-500 important SUSE Updates openSUSE-SLE 15.4 This update for xerces-j2 fixes the following issues: - CVE-2022-23437: Fixed infinite loop within Apache XercesJ xml parser (bsc#1195108). xerces-j2-2.11.0-4.3.1.src.rpm xerces-j2-scripts-2.11.0-4.3.1.noarch.rpm xerces-j2-xml-apis-2.11.0-4.3.1.noarch.rpm xerces-j2-xml-resolver-2.11.0-4.3.1.noarch.rpm openSUSE-SLE-15.4-2022-773 moderate SUSE Updates openSUSE-SLE 15.4 This update for fwupd fixes the following issues: - Ignore non-PCI NVMe devices (e.g. NVMe-over-Fabrics) when probing (bsc#1193921) fwupd-1.5.8-150300.3.3.1.src.rpm libfwupdplugin1-1.5.8-150300.3.3.1.x86_64.rpm libfwupdplugin1-1.5.8-150300.3.3.1.s390x.rpm libfwupdplugin1-1.5.8-150300.3.3.1.ppc64le.rpm libfwupdplugin1-1.5.8-150300.3.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-775 moderate SUSE Updates openSUSE-SLE 15.4 This update for pciutils fixes the following issues: - Report the theoretical speeds for PCIe 5.0 and 6.0 (bsc#1192862) libpci3-3.5.6-150300.13.3.1.x86_64.rpm libpci3-32bit-3.5.6-150300.13.3.1.x86_64.rpm pciutils-3.5.6-150300.13.3.1.src.rpm pciutils-3.5.6-150300.13.3.1.x86_64.rpm pciutils-devel-3.5.6-150300.13.3.1.x86_64.rpm pciutils-devel-32bit-3.5.6-150300.13.3.1.x86_64.rpm libpci3-3.5.6-150300.13.3.1.s390x.rpm pciutils-3.5.6-150300.13.3.1.s390x.rpm pciutils-devel-3.5.6-150300.13.3.1.s390x.rpm libpci3-3.5.6-150300.13.3.1.ppc64le.rpm pciutils-3.5.6-150300.13.3.1.ppc64le.rpm pciutils-devel-3.5.6-150300.13.3.1.ppc64le.rpm libpci3-3.5.6-150300.13.3.1.aarch64.rpm pciutils-3.5.6-150300.13.3.1.aarch64.rpm pciutils-devel-3.5.6-150300.13.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-499 important SUSE Updates openSUSE-SLE 15.4 This update for python-Twisted fixes the following issues: - CVE-2022-21712: Fixed secret exposure in cross-origin redirects by properly removing sensitive headers when redirecting to a different origin (bsc#1195667). python-Twisted-19.10.0-3.6.1.src.rpm python2-Twisted-19.10.0-3.6.1.x86_64.rpm python2-Twisted-19.10.0-3.6.1.s390x.rpm python2-Twisted-19.10.0-3.6.1.ppc64le.rpm python2-Twisted-19.10.0-3.6.1.aarch64.rpm openSUSE-SLE-15.4-2022-574 important SUSE Updates openSUSE-SLE 15.4 This update for ucode-intel fixes the following issues: Updated to Intel CPU Microcode 20220207 release. - CVE-2021-0146: Fixed a potential security vulnerability in some Intel Processors may allow escalation of privilege (bsc#1192615) - CVE-2021-0127: Intel Processor Breakpoint Control Flow (bsc#1195779) - CVE-2021-0145: Fast store forward predictor - Cross Domain Training (bsc#1195780) - CVE-2021-33120: Out of bounds read for some Intel Atom processors (bsc#1195781) - Security updates for [INTEL-SA-00528](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00528.html) - Security updates for [INTEL-SA-00532](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00532.html) ucode-intel-20220207-10.1.src.rpm ucode-intel-20220207-10.1.x86_64.rpm openSUSE-SLE-15.4-2022-562 moderate SUSE Updates openSUSE-SLE 15.4 This update for jasper fixes the following issues: - CVE-2021-27845: Fixed divide-by-zery issue in cp_create() (bsc#1188437). jasper-2.0.14-3.22.1.src.rpm jasper-2.0.14-3.22.1.x86_64.rpm libjasper-devel-2.0.14-3.22.1.x86_64.rpm libjasper4-2.0.14-3.22.1.x86_64.rpm libjasper4-32bit-2.0.14-3.22.1.x86_64.rpm jasper-2.0.14-3.22.1.s390x.rpm libjasper-devel-2.0.14-3.22.1.s390x.rpm libjasper4-2.0.14-3.22.1.s390x.rpm jasper-2.0.14-3.22.1.ppc64le.rpm libjasper-devel-2.0.14-3.22.1.ppc64le.rpm libjasper4-2.0.14-3.22.1.ppc64le.rpm jasper-2.0.14-3.22.1.aarch64.rpm libjasper-devel-2.0.14-3.22.1.aarch64.rpm libjasper4-2.0.14-3.22.1.aarch64.rpm openSUSE-SLE-15.4-2022-808 moderate SUSE Updates openSUSE-SLE 15.4 This update for procps fixes the following issues: - Stop registering signal handler for SIGURG, to avoid `ps` failure if someone sends such signal. Without the signal handler, SIGURG will just be ignored. (bsc#1195468) libprocps7-3.3.15-7.22.1.x86_64.rpm procps-3.3.15-7.22.1.src.rpm procps-3.3.15-7.22.1.x86_64.rpm procps-devel-3.3.15-7.22.1.x86_64.rpm libprocps7-3.3.15-7.22.1.s390x.rpm procps-3.3.15-7.22.1.s390x.rpm procps-devel-3.3.15-7.22.1.s390x.rpm libprocps7-3.3.15-7.22.1.ppc64le.rpm procps-3.3.15-7.22.1.ppc64le.rpm procps-devel-3.3.15-7.22.1.ppc64le.rpm libprocps7-3.3.15-7.22.1.aarch64.rpm procps-3.3.15-7.22.1.aarch64.rpm procps-devel-3.3.15-7.22.1.aarch64.rpm openSUSE-SLE-15.4-2022-776 moderate SUSE Updates openSUSE-SLE 15.4 This update for mutter fixes the following issues: - Improve mutter behavior when receiving a ClientMessage event, not to just assume that it's a WM_PROTOCOLS event but to actually check the type before using it (bsc#1188759) libmutter-5-0-3.34.6-3.9.1.x86_64.rpm mutter-3.34.6-3.9.1.src.rpm mutter-data-3.34.6-3.9.1.x86_64.rpm libmutter-5-0-3.34.6-3.9.1.s390x.rpm mutter-data-3.34.6-3.9.1.s390x.rpm libmutter-5-0-3.34.6-3.9.1.ppc64le.rpm mutter-data-3.34.6-3.9.1.ppc64le.rpm libmutter-5-0-3.34.6-3.9.1.aarch64.rpm mutter-data-3.34.6-3.9.1.aarch64.rpm openSUSE-SLE-15.4-2022-791 moderate SUSE Updates openSUSE-SLE 15.4 This update for scap-security-guide fixes the following issues: scap-security-guide (ComplianceAsCode) was updated to 0.1.60 (jsc#ECO-3319) - Various bugfixes - New draft stig profile v1r1 for OL8 - New product Amazon EKS platform and initial CIS profiles - New product CentOS Stream 9, as a derivative from RHEL9 product Note that SUSE only supports for SUSE Linux Enterprise 12 and 15: - STIG profiles - HIPAA profiles - PCI-DSS profiles The CIS profile is community supplied and currently not supported by SUSE. scap-security-guide-0.1.60-1.29.1.noarch.rpm scap-security-guide-0.1.60-1.29.1.src.rpm scap-security-guide-debian-0.1.60-1.29.1.noarch.rpm scap-security-guide-redhat-0.1.60-1.29.1.noarch.rpm scap-security-guide-ubuntu-0.1.60-1.29.1.noarch.rpm openSUSE-SLE-15.4-2022-699 moderate SUSE Updates openSUSE-SLE 15.4 This update for php7 fixes the following issues: - CVE-2017-8923: Fixed denial of service (application crash) when using .= with a long string (zend_string_extend func in Zend/zend_string.h) (bsc#1038980). php7-7.4.6-3.32.1.src.rpm php7-firebird-7.4.6-3.32.1.x86_64.rpm php7-firebird-7.4.6-3.32.1.s390x.rpm php7-firebird-7.4.6-3.32.1.ppc64le.rpm php7-firebird-7.4.6-3.32.1.aarch64.rpm openSUSE-SLE-15.4-2022-1091 moderate SUSE Updates openSUSE-SLE 15.4 This update for python fixes the following issues: - CVE-2022-0391: Fixed URL sanitization containing ASCII newline and tabs in urlparse (bsc#1195396). - CVE-2021-4189: Fixed ftplib not to trust the PASV response (bsc#1194146). - CVE-2021-3572: Fixed an improper handling of unicode characters in pip (bsc#1186819). libpython2_7-1_0-2.7.18-150000.38.2.x86_64.rpm libpython2_7-1_0-32bit-2.7.18-150000.38.2.x86_64.rpm python-2.7.18-150000.38.1.src.rpm python-2.7.18-150000.38.1.x86_64.rpm python-32bit-2.7.18-150000.38.1.x86_64.rpm python-base-2.7.18-150000.38.2.src.rpm python-base-2.7.18-150000.38.2.x86_64.rpm python-base-32bit-2.7.18-150000.38.2.x86_64.rpm python-curses-2.7.18-150000.38.1.x86_64.rpm python-demo-2.7.18-150000.38.1.x86_64.rpm python-devel-2.7.18-150000.38.2.x86_64.rpm python-doc-2.7.18-150000.38.1.noarch.rpm python-doc-2.7.18-150000.38.1.src.rpm python-doc-pdf-2.7.18-150000.38.1.noarch.rpm python-gdbm-2.7.18-150000.38.1.x86_64.rpm python-idle-2.7.18-150000.38.1.x86_64.rpm python-tk-2.7.18-150000.38.1.x86_64.rpm python-xml-2.7.18-150000.38.2.x86_64.rpm libpython2_7-1_0-2.7.18-150000.38.2.s390x.rpm python-2.7.18-150000.38.1.s390x.rpm python-base-2.7.18-150000.38.2.s390x.rpm python-curses-2.7.18-150000.38.1.s390x.rpm python-demo-2.7.18-150000.38.1.s390x.rpm python-devel-2.7.18-150000.38.2.s390x.rpm python-gdbm-2.7.18-150000.38.1.s390x.rpm python-idle-2.7.18-150000.38.1.s390x.rpm python-tk-2.7.18-150000.38.1.s390x.rpm python-xml-2.7.18-150000.38.2.s390x.rpm libpython2_7-1_0-2.7.18-150000.38.2.ppc64le.rpm python-2.7.18-150000.38.1.ppc64le.rpm python-base-2.7.18-150000.38.2.ppc64le.rpm python-curses-2.7.18-150000.38.1.ppc64le.rpm python-demo-2.7.18-150000.38.1.ppc64le.rpm python-devel-2.7.18-150000.38.2.ppc64le.rpm python-gdbm-2.7.18-150000.38.1.ppc64le.rpm python-idle-2.7.18-150000.38.1.ppc64le.rpm python-tk-2.7.18-150000.38.1.ppc64le.rpm python-xml-2.7.18-150000.38.2.ppc64le.rpm libpython2_7-1_0-2.7.18-150000.38.2.aarch64.rpm python-2.7.18-150000.38.1.aarch64.rpm python-base-2.7.18-150000.38.2.aarch64.rpm python-curses-2.7.18-150000.38.1.aarch64.rpm python-demo-2.7.18-150000.38.1.aarch64.rpm python-devel-2.7.18-150000.38.2.aarch64.rpm python-gdbm-2.7.18-150000.38.1.aarch64.rpm python-idle-2.7.18-150000.38.1.aarch64.rpm python-tk-2.7.18-150000.38.1.aarch64.rpm python-xml-2.7.18-150000.38.2.aarch64.rpm openSUSE-SLE-15.4-2022-898 moderate SUSE Updates openSUSE-SLE 15.4 This update for lifecycle-data-sle-module-live-patching fixes the following issues: - Added data for 5_3_18-150300_59_43, 5_3_18-24_99, 5_3_18-59_40. (bsc#1020320) lifecycle-data-sle-module-live-patching-15-4.69.1.noarch.rpm lifecycle-data-sle-module-live-patching-15-4.69.1.src.rpm openSUSE-SLE-15.4-2022-681 critical SUSE Updates openSUSE-SLE 15.4 This update for cloud-regionsrv-client fixes the following issues: - Update -addon-azure to 1.0.2 (bsc#1196305) - Fix regression in the cloud-regionsrv-client' with OnDemand images - Update to version 10.0.0 (bsc#1195414, bsc#1195564) - Refactor removes check_registration() function in utils implementation - Only start the registration service for PAYG images - addon-azure sub-package to version 1.0.1 cloud-regionsrv-client-10.0.0-6.62.1.noarch.rpm cloud-regionsrv-client-10.0.0-6.62.1.src.rpm cloud-regionsrv-client-addon-azure-1.0.2-6.62.1.noarch.rpm cloud-regionsrv-client-generic-config-1.0.0-6.62.1.noarch.rpm cloud-regionsrv-client-plugin-azure-2.0.0-6.62.1.noarch.rpm cloud-regionsrv-client-plugin-ec2-1.0.2-6.62.1.noarch.rpm cloud-regionsrv-client-plugin-gce-1.0.0-6.62.1.noarch.rpm openSUSE-SLE-15.4-2022-687 moderate SUSE Updates openSUSE-SLE 15.4 This update for libvirt fixes the following issues: - libxl: Mark auto-allocated graphics ports to used on reconnect. - libxl: Release all auto-allocated graphics ports. (bsc#1191668) - libxl: Add lock process indicator to saved VM state. (bsc#1191668) - spec: Weaken apparmor-abstractions dependency to Recommends. (bsc#1192119, jsc#SLE-23394) libvirt-7.1.0-150300.6.26.1.src.rpm libvirt-admin-7.1.0-150300.6.26.1.x86_64.rpm libvirt-bash-completion-7.1.0-150300.6.26.1.noarch.rpm libvirt-admin-7.1.0-150300.6.26.1.s390x.rpm libvirt-admin-7.1.0-150300.6.26.1.ppc64le.rpm libvirt-admin-7.1.0-150300.6.26.1.aarch64.rpm openSUSE-SLE-15.4-2022-789 moderate SUSE Updates openSUSE-SLE 15.4 This update for update-alternatives fixes the following issues: - Break bash - update-alternatives cycle rewrite of '%post' in 'lua'. (bsc#1195654) update-alternatives-1.19.0.4-4.3.1.src.rpm update-alternatives-1.19.0.4-4.3.1.x86_64.rpm update-alternatives-1.19.0.4-4.3.1.s390x.rpm update-alternatives-1.19.0.4-4.3.1.ppc64le.rpm update-alternatives-1.19.0.4-4.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-893 moderate SUSE Updates openSUSE-SLE 15.4 This update for postgresql13 fixes the following issues: - Upgrade to 13.6: (bsc#1195680) * https://www.postgresql.org/docs/13/release-13-6.html * Reindexing might be needed after applying this upgrade, so please read the release notes carefully. - Add constraints file with 12GB of memory for s390x as a workaround. (bsc#1190740) - Add a llvmjit-devel subpackage to pull in the right versions of clang and llvm for building extensions. - Fix some mistakes in the interdependencies between the implementation packages and their noarch counterpart. - Update the BuildIgnore section. postgresql13-13.6-5.25.1.src.rpm postgresql13-13.6-5.25.1.x86_64.rpm postgresql13-contrib-13.6-5.25.1.x86_64.rpm postgresql13-devel-13.6-5.25.1.x86_64.rpm postgresql13-docs-13.6-5.25.1.noarch.rpm postgresql13-llvmjit-13.6-5.25.1.x86_64.rpm postgresql13-plperl-13.6-5.25.1.x86_64.rpm postgresql13-plpython-13.6-5.25.1.x86_64.rpm postgresql13-pltcl-13.6-5.25.1.x86_64.rpm postgresql13-server-13.6-5.25.1.x86_64.rpm postgresql13-server-devel-13.6-5.25.1.x86_64.rpm postgresql13-test-13.6-5.25.1.x86_64.rpm postgresql13-13.6-5.25.1.s390x.rpm postgresql13-contrib-13.6-5.25.1.s390x.rpm postgresql13-devel-13.6-5.25.1.s390x.rpm postgresql13-llvmjit-13.6-5.25.1.s390x.rpm postgresql13-plperl-13.6-5.25.1.s390x.rpm postgresql13-plpython-13.6-5.25.1.s390x.rpm postgresql13-pltcl-13.6-5.25.1.s390x.rpm postgresql13-server-13.6-5.25.1.s390x.rpm postgresql13-server-devel-13.6-5.25.1.s390x.rpm postgresql13-test-13.6-5.25.1.s390x.rpm postgresql13-13.6-5.25.1.ppc64le.rpm postgresql13-contrib-13.6-5.25.1.ppc64le.rpm postgresql13-devel-13.6-5.25.1.ppc64le.rpm postgresql13-llvmjit-13.6-5.25.1.ppc64le.rpm postgresql13-plperl-13.6-5.25.1.ppc64le.rpm postgresql13-plpython-13.6-5.25.1.ppc64le.rpm postgresql13-pltcl-13.6-5.25.1.ppc64le.rpm postgresql13-server-13.6-5.25.1.ppc64le.rpm postgresql13-server-devel-13.6-5.25.1.ppc64le.rpm postgresql13-test-13.6-5.25.1.ppc64le.rpm postgresql13-13.6-5.25.1.aarch64.rpm postgresql13-contrib-13.6-5.25.1.aarch64.rpm postgresql13-devel-13.6-5.25.1.aarch64.rpm postgresql13-llvmjit-13.6-5.25.1.aarch64.rpm postgresql13-plperl-13.6-5.25.1.aarch64.rpm postgresql13-plpython-13.6-5.25.1.aarch64.rpm postgresql13-pltcl-13.6-5.25.1.aarch64.rpm postgresql13-server-13.6-5.25.1.aarch64.rpm postgresql13-server-devel-13.6-5.25.1.aarch64.rpm postgresql13-test-13.6-5.25.1.aarch64.rpm openSUSE-SLE-15.4-2022-572 moderate SUSE Updates openSUSE-SLE 15.4 This update for psmisc fixes the following issues: - Determine the namespace of a process only once to speed up the parsing of 'fdinfo'. (bsc#1194172) psmisc-23.0-6.19.1.src.rpm psmisc-23.0-6.19.1.x86_64.rpm psmisc-lang-23.0-6.19.1.noarch.rpm psmisc-23.0-6.19.1.s390x.rpm psmisc-23.0-6.19.1.ppc64le.rpm psmisc-23.0-6.19.1.aarch64.rpm openSUSE-SLE-15.4-2022-899 moderate SUSE Updates openSUSE-SLE 15.4 This update for smartmontools fixes the following issues: - Restart smartd and generate smartd_opts only if there are real sysconfig changes; do not trigger generate_smartd_opts by YaST, systemd is enough. (bsc#1195785) - Update smartmontools to the latest version from the upstream branch. (jsc#SLE-21751) - Fix update needed logic. - update to 7.2 (jsc#SLE-21751): - smartctl: New option '--json=y[c]' selects YAML output. - smartctl '-i': Prints ATA TRIM and Zoned Device capabilities. - smartctl '-j': Fixed 'scsi_grown_defect_list' value. - smartctl '-a': Prints SCSI 'Accumulated power on time'. - smartctl '-n POWERMODE': SCSI support. - smartctl '-s standby,now' and '-s standby,off': SCSI support. - smartctl '-c': NVMe 1.4 additions. - smartd: Support for staggered self-tests. - smartd: No longer writes attribute log if no attributes were read due to standby mode or other error. - smartd: Now resolves symlinks before device names are checked for duplicates. - smartd: Fixed SMARTD_DEVICETYPE environment variable if DEVICESCAN is used without '-d TYPE'. - ATA: Device type '-d jmb39x-q,N' for JMB39x protocol variant used by some QNAP NAS devices. - ATA: Device type '-d jms56x,N' for JMS562 USB to SATA RAID bridges. - SCSI: Improved heuristics for log subpages of new and very old disks. - NVMe: Log transfer size limited to avoid device or kernel crashes. - NVMEe/USB: Device type '-d sntrealtek' for Realtek RTL9210 USB to NVMe bridges. - update-smart-drivedb: New option '--branch X.Y'. - HDD, SSD and USB additions to drive database. - Dropped support for pre-C99 snprintf(). - configure: Dropped option '--without-working-snprintf'. - configure: Fixed '-fstack-protector*' detection. - Linux: Various fixes of smartd.service file (bsc#1183699). - Darwin: NVMe log support. - FreeBSD: Device scan does no longer include T_ENCLOSURE devices. - NetBSD: Fixed timeout handling. - NetBSD big endian: Fixed ATA register handling. - OpenBSD: Fixed timeout handling. - Windows: Dropped backward compatibility fixes for very old compilers. - Update to version 7.1: - smartctl: Fixed bogus exception on unknown form factor value. - smartctl '--json=cg': Suppresses extra spaces also in 'g' format. - smartctl '-i': ATA ACS-4 and ACS-5 enhancements. - smartd: No longer truncates very long device names in warning emails. - smartd: No longer skips scheduled tests if system clock has been adjusted to the past. - smartd '-A': Attribute logs now use local time instead of UTC. - Autodetection of '-d sntjmicron' type for JMicron USB to NVMe bridges. - Fixed segfault on CCISS transfer sizes. - Fixed smartd.service 'Type' if libsystemd-dev is not available. - Fixed '/dev/megaraid_sas_ioctl_node' fd leak. smartmontools-7.2-150300.8.5.1.src.rpm smartmontools-7.2-150300.8.5.1.x86_64.rpm smartmontools-7.2-150300.8.5.1.s390x.rpm smartmontools-7.2-150300.8.5.1.ppc64le.rpm smartmontools-7.2-150300.8.5.1.aarch64.rpm openSUSE-SLE-15.4-2022-599 moderate SUSE Updates openSUSE-SLE 15.4 This feature update for golang-github-prometheus-prometheus provides the following changes: Upgrade `golang-github-prometheus-prometheus` from version 2.27.1 to version 2.32.1: (jsc#SLE-22863) - Use `obs-service-go_modules` - Added hardening to systemd service(s). Modified `prometheus.service` (bsc#1181400) - Bugfixes: * Scrape: Fix reporting metrics when sample limit is reached during the report. * Scrape: Ensure that scrape interval and scrape timeout are always set. * TSDB: Expose and fix bug in iterators' Seek() method. * TSDB: Add more size checks when writing individual sections in the index. * PromQL: Make deriv() return zero values for constant series. * TSDB: Fix panic when checkpoint directory is empty. #9687 * TSDB: Fix panic, out of order chunks, and race warning during WAL replay. * UI: Correctly render links for targets with IPv6 addresses that contain a Zone ID. * Promtool: Fix checking of `authorization.credentials_file` and `bearer_token_file` fields. * Uyuni SD: Fix null pointer exception during initialization. * TSDB: Fix queries after a failed snapshot replay. * SD: Fix a panic when the experimental discovery manager receives targets during a reload. * Backfill: Apply rule labels after query labels. * Scrape: Resolve conflicts between multiple exported label prefixes. * Scrape: Restart scrape loops when __scrape_interval__ is changed. * TSDB: Fix memory leak in samples deletion. * UI: Use consistent margin-bottom for all alert kinds. * TSDB: Fix panic on failed snapshot replay. * TSDB: Don't fail snapshot replay with exemplar storage disabled when the snapshot contains exemplars. * TSDB: Don't error on overlapping m-mapped chunks during WAL replay. * promtool rules backfill: Prevent creation of data before the start time. * promtool rules backfill: Do not query after the end time. * Azure SD: Fix panic when no computername is set. * Exemplars: Fix panic when resizing exemplar storage from 0 to a non-zero size. * TSDB: Correctly decrement `prometheus_tsdb_head_active_appenders` when the append has no samples. * promtool rules backfill: Return 1 if backfill was unsuccessful. * promtool rules backfill: Avoid creation of overlapping blocks. * config: Fix a panic when reloading configuration with a null relabel action. * Fix Kubernetes SD failing to discover Ingress in Kubernetes v1.22. * Fix data race in loading write-ahead-log (WAL). * TSDB: align atomically accessed int64 to prevent panic in 32-bit archs. * Log when total symbol size exceeds 2^32 bytes, causing compaction to fail, and skip compaction. * Fix incorrect target_limit reloading of zero value. * Fix head GC and pending readers race condition. * Fix timestamp handling in OpenMetrics parser. * Fix potential duplicate metrics in /federate endpoint when specifying multiple matchers. * Fix server configuration and validation for authentication via client cert. * Allow start and end again as label names in PromQL queries. They were disallowed since the introduction of @ timestamp feature. * HTTP SD: Allow charset specification in Content-Type header. * HTTP SD: Fix handling of disappeared target groups. * Fix incorrect log-level handling after moving to go-kit/log. * UI: In the experimental PromQL editor, fix autocompletion and parsing for special float values and improve series metadata fetching. * TSDB: When merging chunks, split resulting chunks if they would contain more than the maximum of 120 samples. * SD: Fix the computation of the `prometheus_sd_discovered_targets` metric when using multiple service discoveries. - Change: * remote-write: Change default max retry time from 100ms to 5 seconds. * UI: Remove standard PromQL editor in favour of the codemirror-based editor. * Promote `--storage.tsdb.allow-overlapping-blocks` flag to stable. * Promote `--storage.tsdb.retention.size` flag to stable. * UI: Make the new experimental PromQL editor the default. - Features: * Agent: New mode of operation optimized for remote-write only scenarios, without local storage. * Promtool: Add promtool check service-discovery command. * PromQL: Add trigonometric functions and atan2 binary operator. * Remote: Add support for exemplar in the remote write receiver endpoint. * SD: Add PuppetDB service discovery. * SD: Add Uyuni service discovery. * Web: Add support for security-related HTTP headers. * experimental TSDB: Snapshot in-memory chunks on shutdown for faster restarts. * experimental Scrape: Configure scrape interval and scrape timeout via relabeling using `__scrape_interval__` and `__scrape_timeout__` labels respectively. * Scrape: Add scrape_timeout_seconds and scrape_sample_limit metric. * Add Kuma service discovery. * Add present_over_time PromQL function. * Allow configuring exemplar storage via file and make it reloadable. * UI: Allow selecting time range with mouse drag. * promtool: Add feature flags flag `--enable-feature`. * promtool: Add `file_sd` file validation. * Linode SD: Add Linode service discovery. * HTTP SD: Add generic HTTP-based service discovery. * Kubernetes SD: Allow configuring API Server access via a kubeconfig file. * UI: Add exemplar display support to the graphing interface. * Consul SD: Add namespace support for Consul Enterprise. - Enhancements: * Promtool: Improve test output. * Promtool: Use kahan summation for better numerical stability. * Remote-write: Reuse memory for marshalling. * Scrape: Add scrape_body_size_bytes scrape metric behind the `--enable-feature=extra-scrape-metrics` flag. * TSDB: Add windows arm64 support. * TSDB: Optimize query by skipping unneeded sorting in TSDB. * Templates: Support int and uint as datatypes for template formatting. * UI: Prefer rate over rad, delta over deg, and count over cos in autocomplete. * Azure SD: Add proxy_url, follow_redirects, tls_config. * Backfill: Add `--max-block-duration` in promtool `create-blocks-from` rules. * Config: Print human-readable sizes with unit instead of raw numbers. * HTTP: Re-enable HTTP/2. * Kubernetes SD: Warn user if number of endpoints exceeds limit. * OAuth2: Add TLS configuration to token requests. * PromQL: Several optimizations. * PromQL: Make aggregations deterministic in instant queries. * Rules: Add the ability to limit number of alerts or series. * SD: Experimental discovery manager to avoid restarts upon reload. * UI: Debounce timerange setting changes. * Remote Write: Redact remote write URL when used for metric label. * UI: Redact remote write URL and proxy URL passwords in the /config page. * Scrape: Add --scrape.timestamp-tolerance flag to adjust scrape timestamp tolerance when enabled via `--scrape.adjust-timestamps`. * Remote Write: Improve throughput when sending exemplars. * TSDB: Optimise WAL loading by removing extra map and caching min-time * promtool: Speed up checking for duplicate rules. * Scrape: Reduce allocations when parsing the metrics. * docker_sd: Support host network mode * Reduce blocking of outgoing remote write requests from series garbage collection. * Improve write-ahead-log decoding performance. * Improve append performance in TSDB by reducing mutexes usage. * Allow configuring max_samples_per_send for remote write metadata. * Add `__meta_gce_interface_ipv4_<name>` meta label to GCE discovery. * Add `__meta_ec2_availability_zone_id` meta label to EC2 discovery. * Add `__meta_azure_machine_computer_name` meta label to Azure discovery. * Add `__meta_hetzner_hcloud_labelpresent_<labelname>` meta label to Hetzner discovery. * promtool: Add compaction efficiency to promtool tsdb analyze reports. * promtool: Allow configuring max block duration for backfilling via `--max-block-duration` flag. * UI: Add sorting and filtering to flags page. * UI: Improve alerts page rendering performance. * Promtool: Allow silencing output when importing / backfilling data. * Consul SD: Support reading tokens from file. * Rules: Add a new .ExternalURL alert field templating variable, containing the external URL of the Prometheus server. * Scrape: Add experimental body_size_limit scrape configuration setting to limit the allowed response body size for target scrapes. * Kubernetes SD: Add ingress class name label for ingress discovery. * UI: Show a startup screen with progress bar when the TSDB is not ready yet. * SD: Add a target creation failure counter `prometheus_target_sync_failed_total` and improve target creation failure handling. * TSDB: Improve validation of exemplar label set length. * TSDB: Add a prometheus_tsdb_clean_start metric that indicates whether a TSDB lockfile from a previous run still existed upon startup. golang-github-prometheus-prometheus-2.32.1-4.3.2.src.rpm golang-github-prometheus-prometheus-2.32.1-4.3.2.x86_64.rpm golang-github-prometheus-prometheus-2.32.1-4.3.2.s390x.rpm golang-github-prometheus-prometheus-2.32.1-4.3.2.ppc64le.rpm golang-github-prometheus-prometheus-2.32.1-4.3.2.aarch64.rpm openSUSE-SLE-15.4-2022-724 important SUSE Updates openSUSE-SLE 15.4 This update for go1.16 fixes the following issues: - CVE-2022-23806: Fixed incorrect returned value in crypto/elliptic IsOnCurve (bsc#1195838). - CVE-2022-23772: Fixed overflow in Rat.SetString in math/big can lead to uncontrolled memory consumption (bsc#1195835). - CVE-2022-23773: Fixed incorrect access control in cmd/go (bsc#1195834). The following non-security bugs were fixed: - go#50977 crypto/elliptic: IsOnCurve returns true for invalid field elements - go#50700 math/big: Rat.SetString may consume large amount of RAM and crash - go#50686 cmd/go: do not treat branches with semantic-version names as releases - go#50866 cmd/compile: incorrect use of CMN on arm64 - go#50832 runtime/race: NoRaceMutexPureHappensBefore failures - go#50811 cmd/go: remove bitbucket VCS probing - go#50780 runtime: incorrect frame information in traceback traversal may hang the process. - go#50721 debug/pe: reading debug_info section of PE files that use the DWARF5 form DW_FORM_line_strp causes error - go#50682 cmd/compile: MOVWreg missing sign-extension following a Copy from a floating-point LoadReg - go#50645 testing: surprising interaction of subtests with TempDir - go#50585 net/http/httptest: add fipsonly compliant certificate in for NewTLSServer(), for dev.boringcrypto branch - go#50245 runtime: intermittent os/exec.Command.Start() Hang on Darwin in Presence of "plugin" Package go1.16-1.16.14-1.43.1.src.rpm go1.16-1.16.14-1.43.1.x86_64.rpm go1.16-doc-1.16.14-1.43.1.x86_64.rpm go1.16-race-1.16.14-1.43.1.x86_64.rpm go1.16-1.16.14-1.43.1.s390x.rpm go1.16-doc-1.16.14-1.43.1.s390x.rpm go1.16-1.16.14-1.43.1.ppc64le.rpm go1.16-doc-1.16.14-1.43.1.ppc64le.rpm go1.16-1.16.14-1.43.1.aarch64.rpm go1.16-doc-1.16.14-1.43.1.aarch64.rpm go1.16-race-1.16.14-1.43.1.aarch64.rpm openSUSE-SLE-15.4-2022-723 important SUSE Updates openSUSE-SLE 15.4 This update for go1.17 fixes the following issues: - CVE-2022-23806: Fixed incorrect returned value in crypto/elliptic IsOnCurve (bsc#1195838). - CVE-2022-23772: Fixed overflow in Rat.SetString in math/big can lead to uncontrolled memory consumption (bsc#1195835). - CVE-2022-23773: Fixed incorrect access control in cmd/go (bsc#1195834). The following non-security bugs were fixed: - go#50978 crypto/elliptic: IsOnCurve returns true for invalid field elements - go#50701 math/big: Rat.SetString may consume large amount of RAM and crash - go#50687 cmd/go: do not treat branches with semantic-version names as releases - go#50942 cmd/asm: "compile: loop" compiler bug? - go#50867 cmd/compile: incorrect use of CMN on arm64 - go#50812 cmd/go: remove bitbucket VCS probing - go#50781 runtime: incorrect frame information in traceback traversal may hang the process. - go#50722 debug/pe: reading debug_info section of PE files that use the DWARF5 form DW_FORM_line_strp causes error - go#50683 cmd/compile: MOVWreg missing sign-extension following a Copy from a floating-point LoadReg - go#50586 net/http/httptest: add fipsonly compliant certificate in for NewTLSServer(), for dev.boringcrypto branch - go#50297 cmd/link: does not set section type of .init_array correctly - go#50246 runtime: intermittent os/exec.Command.Start() Hang on Darwin in Presence of "plugin" Package go1.17-1.17.7-1.20.1.src.rpm go1.17-1.17.7-1.20.1.x86_64.rpm go1.17-doc-1.17.7-1.20.1.x86_64.rpm go1.17-race-1.17.7-1.20.1.x86_64.rpm go1.17-1.17.7-1.20.1.s390x.rpm go1.17-doc-1.17.7-1.20.1.s390x.rpm go1.17-1.17.7-1.20.1.ppc64le.rpm go1.17-doc-1.17.7-1.20.1.ppc64le.rpm go1.17-1.17.7-1.20.1.aarch64.rpm go1.17-doc-1.17.7-1.20.1.aarch64.rpm go1.17-race-1.17.7-1.20.1.aarch64.rpm openSUSE-SLE-15.4-2022-704 important SUSE Updates openSUSE-SLE 15.4 This update for nodejs8 fixes the following issues: - CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153). - CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963). - CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962). - CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696). - CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154). nodejs8-8.17.0-10.19.2.src.rpm nodejs8-8.17.0-10.19.2.x86_64.rpm nodejs8-devel-8.17.0-10.19.2.x86_64.rpm nodejs8-docs-8.17.0-10.19.2.noarch.rpm npm8-8.17.0-10.19.2.x86_64.rpm nodejs8-8.17.0-10.19.2.s390x.rpm nodejs8-devel-8.17.0-10.19.2.s390x.rpm npm8-8.17.0-10.19.2.s390x.rpm nodejs8-8.17.0-10.19.2.ppc64le.rpm nodejs8-devel-8.17.0-10.19.2.ppc64le.rpm npm8-8.17.0-10.19.2.ppc64le.rpm nodejs8-8.17.0-10.19.2.aarch64.rpm nodejs8-devel-8.17.0-10.19.2.aarch64.rpm npm8-8.17.0-10.19.2.aarch64.rpm openSUSE-SLE-15.4-2022-705 important SUSE Updates openSUSE-SLE 15.4 This update for webkit2gtk3 fixes the following issues: Update to version 2.34.6 (bsc#1196133): - CVE-2022-22620: Processing maliciously crafted web content may have lead to arbitrary code execution. Update to version 2.34.5 (bsc#1195735): - CVE-2022-22589: A validation issue was addressed with improved input sanitization. - CVE-2022-22590: A use after free issue was addressed with improved memory management. - CVE-2022-22592: A logic issue was addressed with improved state management. Update to version 2.34.4 (bsc#1195064): - CVE-2021-30934: A buffer overflow issue was addressed with improved memory handling. - CVE-2021-30936: A use after free issue was addressed with improved memory management. - CVE-2021-30951: A use after free issue was addressed with improved memory management. - CVE-2021-30952: An integer overflow was addressed with improved input validation. - CVE-2021-30953: An out-of-bounds read was addressed with improved bounds checking. - CVE-2021-30954: A type confusion issue was addressed with improved memory handling. - CVE-2021-30984: A race condition was addressed with improved state handling. - CVE-2022-22594: A cross-origin issue in the IndexDB API was addressed with improved input validation. The following CVEs were addressed in a previous update: - CVE-2021-45481: Incorrect memory allocation in WebCore::ImageBufferCairoImageSurfaceBackend::create. - CVE-2021-45482: A use-after-free in WebCore::ContainerNode::firstChild. - CVE-2021-45483: A use-after-free in WebCore::Frame::page. libwebkit2gtk3-lang-2.34.6-29.1.noarch.rpm webkit2gtk3-2.34.6-29.1.src.rpm openSUSE-SLE-15.4-2022-657 important SUSE Updates openSUSE-SLE 15.4 This update for nodejs12 fixes the following issues: - CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153). - CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963). - CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962). - CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696). - CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154). nodejs12-12.22.10-4.29.3.src.rpm nodejs12-12.22.10-4.29.3.x86_64.rpm nodejs12-devel-12.22.10-4.29.3.x86_64.rpm nodejs12-docs-12.22.10-4.29.3.noarch.rpm npm12-12.22.10-4.29.3.x86_64.rpm nodejs12-12.22.10-4.29.3.s390x.rpm nodejs12-devel-12.22.10-4.29.3.s390x.rpm npm12-12.22.10-4.29.3.s390x.rpm nodejs12-12.22.10-4.29.3.ppc64le.rpm nodejs12-devel-12.22.10-4.29.3.ppc64le.rpm npm12-12.22.10-4.29.3.ppc64le.rpm nodejs12-12.22.10-4.29.3.aarch64.rpm nodejs12-devel-12.22.10-4.29.3.aarch64.rpm npm12-12.22.10-4.29.3.aarch64.rpm openSUSE-SLE-15.4-2022-904 moderate SUSE Updates openSUSE-SLE 15.4 This update for go1.18 fixes the following issues: go1.18 (released 2022-03-15) is a major release of Go. (boo#1193742) go1.18.x minor releases will be provided through February 2023, please see: https://github.com/golang/go/wiki/Go-Release-Cycle Go 1.18 is a significant release, including changes to the language, implementation of the toolchain, runtime, and libraries. Go 1.18 arrives seven months after Go 1.17. As always, the release maintains the Go 1 promise of compatibility. We expect almost all Go programs to continue to compile and run as before. * See release notes https://golang.org/doc/go1.18. Excerpts relevant to OBS environment and for SUSE/openSUSE follow: * Go 1.18 includes an implementation of generic features as described by the Type Parameters Proposal. This includes major but fully backward-compatible changes to the language. * The Go 1.18 compiler now correctly reports declared but not used errors for variables that are set inside a function literal but are never used. Before Go 1.18, the compiler did not report an error in such cases. This fixes long-outstanding compiler issue go#8560. * The Go 1.18 compiler now reports an overflow when passing a rune constant expression such as '1' << 32 as an argument to the predeclared functions print and println, consistent with the behavior of user-defined functions. Before Go 1.18, the compiler did not report an error in such cases but silently accepted such constant arguments if they fit into an int64. Since go vet always pointed out this error, the number of affected programs is likely very small. * AMD64: Go 1.18 introduces the new GOAMD64 environment variable, which selects at compile time a minimum target version of the AMD64 architecture. Allowed values are v1, v2, v3, or v4. Each higher level requires, and takes advantage of, additional processor features. A detailed description can be found here. The GOAMD64 environment variable defaults to v1. * RISC-V: The 64-bit RISC-V architecture on Linux (the linux/riscv64 port) now supports the c-archive and c-shared build modes. * Linux: Go 1.18 requires Linux kernel version 2.6.32 or later. * Fuzzing: Go 1.18 includes an implementation of fuzzing as described by the fuzzing proposal. See the fuzzing landing page to get started. Please be aware that fuzzing can consume a lot of memory and may impact your machine’s performance while it runs. * go get: go get no longer builds or installs packages in module-aware mode. go get is now dedicated to adjusting dependencies in go.mod. Effectively, the -d flag is always enabled. To install the latest version of an executable outside the context of the current module, use go install example.com/cmd@latest. Any version query may be used instead of latest. This form of go install was added in Go 1.16, so projects supporting older versions may need to provide install instructions for both go install and go get. go get now reports an error when used outside a module, since there is no go.mod file to update. In GOPATH mode (with GO111MODULE=off), go get still builds and installs packages, as before. * Automatic go.mod and go.sum updates: The go mod graph, go mod vendor, go mod verify, and go mod why subcommands no longer automatically update the go.mod and go.sum files. (Those files can be updated explicitly using go get, go mod tidy, or go mod download.) * go version: The go command now embeds version control information in binaries. It includes the currently checked-out revision, commit time, and a flag indicating whether edited or untracked files are present. Version control information is embedded if the go command is invoked in a directory within a Git, Mercurial, Fossil, or Bazaar repository, and the main package and its containing main module are in the same repository. This information may be omitted using the flag -buildvcs=false. Additionally, the go command embeds information about the build, including build and tool tags (set with -tags), compiler, assembler, and linker flags (like -gcflags), whether cgo was enabled, and if it was, the values of the cgo environment variables (like CGO_CFLAGS). Both VCS and build information may be read together with module information using go version -m file or runtime/debug.ReadBuildInfo (for the currently running binary) or the new debug/buildinfo package. The underlying data format of the embedded build information can change with new go releases, so an older version of go may not handle the build information produced with a newer version of go. To read the version information from a binary built with go 1.18, use the go version command and the debug/buildinfo package from go 1.18+. * go mod download: If the main module's go.mod file specifies go 1.17 or higher, go mod download without arguments now downloads source code for only the modules explicitly required in the main module's go.mod file. (In a go 1.17 or higher module, that set already includes all dependencies needed to build the packages and tests in the main module.) To also download source code for transitive dependencies, use go mod download all. * go mod vendor: The go mod vendor subcommand now supports a -o flag to set the output directory. (Other go commands still read from the vendor directory at the module root when loading packages with -mod=vendor, so the main use for this flag is for third-party tools that need to collect package source code.) * go mod tidy: The go mod tidy command now retains additional checksums in the go.sum file for modules whose source code is needed to verify that each imported package is provided by only one module in the build list. Because this condition is rare and failure to apply it results in a build error, this change is not conditioned on the go version in the main module's go.mod file. * go work: The go command now supports a "Workspace" mode. If a go.work file is found in the working directory or a parent directory, or one is specified using the GOWORK environment variable, it will put the go command into workspace mode. In workspace mode, the go.work file will be used to determine the set of main modules used as the roots for module resolution, instead of using the normally-found go.mod file to specify the single main module. For more information see the go work documentation. * go build -asan: The go build command and related commands now support an -asan flag that enables interoperation with C (or C++) code compiled with the address sanitizer (C compiler option -fsanitize=address). * //go:build lines: Go 1.17 introduced //go:build lines as a more readable way to write build constraints, instead of // +build lines. As of Go 1.17, gofmt adds //go:build lines to match existing +build lines and keeps them in sync, while go vet diagnoses when they are out of sync. Since the release of Go 1.18 marks the end of support for Go 1.16, all supported versions of Go now understand //go:build lines. In Go 1.18, go fix now removes the now-obsolete // +build lines in modules declaring go 1.17 or later in their go.mod files. For more information, see https://go.dev/design/draft-gobuild. * go vet: The vet tool is updated to support generic code. In most cases, it reports an error in generic code whenever it would report an error in the equivalent non-generic code after substituting for type parameters with a type from their type set. * go vet: The cmd/vet checkers copylock, printf, sortslice, testinggoroutine, and tests have all had moderate precision improvements to handle additional code patterns. This may lead to newly reported errors in existing packages. * Runtime: The garbage collector now includes non-heap sources of garbage collector work (e.g., stack scanning) when determining how frequently to run. As a result, garbage collector overhead is more predictable when these sources are significant. For most applications these changes will be negligible; however, some Go applications may now use less memory and spend more time on garbage collection, or vice versa, than before. The intended workaround is to tweak GOGC where necessary. The runtime now returns memory to the operating system more efficiently and has been tuned to work more aggressively as a result. * Compiler: Go 1.17 implemented a new way of passing function arguments and results using registers instead of the stack on 64-bit x86 architecture on selected operating systems. Go 1.18 expands the supported platforms to include 64-bit ARM (GOARCH=arm64), big- and little-endian 64-bit PowerPC (GOARCH=ppc64, ppc64le), as well as 64-bit x86 architecture (GOARCH=amd64) on all operating systems. On 64-bit ARM and 64-bit PowerPC systems, benchmarking shows typical performance improvements of 10% or more. As mentioned in the Go 1.17 release notes, this change does not affect the functionality of any safe Go code and is designed to have no impact on most assembly code. See the Go 1.17 release notes for more details. * Compiler: The compiler now can inline functions that contain range loops or labeled for loops. * Compiler: The new -asan compiler option supports the new go command -asan option. * Compiler: Because the compiler's type checker was replaced in its entirety to support generics, some error messages now may use different wording than before. In some cases, pre-Go 1.18 error messages provided more detail or were phrased in a more helpful way. We intend to address these cases in Go 1.19. Because of changes in the compiler related to supporting generics, the Go 1.18 compile speed can be roughly 15% slower than the Go 1.17 compile speed. The execution time of the compiled code is not affected. We intend to improve the speed of the compiler in Go 1.19. * Linker: The linker emits far fewer relocations. As a result, most codebases will link faster, require less memory to link, and generate smaller binaries. Tools that process Go binaries should use Go 1.18's debug/gosym package to transparently handle both old and new binaries. * Linker: The new -asan linker option supports the new go command -asan option. * Bootstrap: When building a Go release from source and GOROOT_BOOTSTRAP is not set, previous versions of Go looked for a Go 1.4 or later bootstrap toolchain in the directory $HOME/go1.4 (%HOMEDRIVE%%HOMEPATH%\go1.4 on Windows). Go now looks first for $HOME/go1.17 or $HOME/sdk/go1.17 before falling back to $HOME/go1.4. We intend for Go 1.19 to require Go 1.17 or later for bootstrap, and this change should make the transition smoother. For more details, see go#44505. * The new debug/buildinfo package provides access to module versions, version control information, and build flags embedded in executable files built by the go command. The same information is also available via runtime/debug.ReadBuildInfo for the currently running binary and via go version -m on the command line. * The new net/netip package defines a new IP address type, Addr. Compared to the existing net.IP type, the netip.Addr type takes less memory, is immutable, and is comparable so it supports == and can be used as a map key. * TLS 1.0 and 1.1 disabled by default client-side: If Config.MinVersion is not set, it now defaults to TLS 1.2 for client connections. Any safely up-to-date server is expected to support TLS 1.2, and browsers have required it since 2020. TLS 1.0 and 1.1 are still supported by setting Config.MinVersion to VersionTLS10. The server-side default is unchanged at TLS 1.0. The default can be temporarily reverted to TLS 1.0 by setting the GODEBUG=tls10default=1 environment variable. This option will be removed in Go 1.19. * Rejecting SHA-1 certificates: crypto/x509 will now reject certificates signed with the SHA-1 hash function. This doesn't apply to self-signed root certificates. Practical attacks against SHA-1 have been demonstrated since 2017 and publicly trusted Certificate Authorities have not issued SHA-1 certificates since 2015. This can be temporarily reverted by setting the GODEBUG=x509sha1=1 environment variable. This option will be removed in Go 1.19. * crypto/elliptic The P224, P384, and P521 curve implementations are now all backed by code generated by the addchain and fiat-crypto projects, the latter of which is based on a formally-verified model of the arithmetic operations. They now use safer complete formulas and internal APIs. P-224 and P-384 are now approximately four times faster. All specific curve implementations are now constant-time. Operating on invalid curve points (those for which the IsOnCurve method returns false, and which are never returned by Unmarshal or a Curve method operating on a valid point) has always been undefined behavior, can lead to key recovery attacks, and is now unsupported by the new backend. If an invalid point is supplied to a P224, P384, or P521 method, that method will now return a random point. The behavior might change to an explicit panic in a future release. * crypto/tls: The new Conn.NetConn method allows access to the underlying net.Conn. * crypto/x509: Certificate.Verify now uses platform APIs to verify certificate validity on macOS and iOS when it is called with a nil VerifyOpts.Roots or when using the root pool returned from SystemCertPool. SystemCertPool is now available on Windows. * crypto/x509: CertPool.Subjects is deprecated. On Windows, macOS, and iOS the CertPool returned by SystemCertPool will return a pool which does not include system roots in the slice returned by Subjects, as a static list can't appropriately represent the platform policies and might not be available at all from the platform APIs. * crypto/x509: Support for signing certificates using signature algorithms that depend on the MD5 and SHA-1 hashes (MD5WithRSA, SHA1WithRSA, and ECDSAWithSHA1) may be removed in Go 1.19. * net/http: When looking up a domain name containing non-ASCII characters, the Unicode-to-ASCII conversion is now done in accordance with Nontransitional Processing as defined in the Unicode IDNA Compatibility Processing standard (UTS #46). The interpretation of four distinct runes are changed: ß, ς, zero-width joiner U+200D, and zero-width non-joiner U+200C. Nontransitional Processing is consistent with most applications and web browsers. * os/user: User.GroupIds now uses a Go native implementation when cgo is not available. * runtime/debug: The BuildInfo struct has two new fields, containing additional information about how the binary was built: GoVersion holds the version of Go used to build the binary. Settings is a slice of BuildSettings structs holding key/value pairs describing the build. * runtime/pprof: The CPU profiler now uses per-thread timers on Linux. This increases the maximum CPU usage that a profile can observe, and reduces some forms of bias. * syscall: The new function SyscallN has been introduced for Windows, allowing for calls with arbitrary number of arguments. As a result, Syscall, Syscall6, Syscall9, Syscall12, Syscall15, and Syscall18 are deprecated in favor of SyscallN. go1.18-1.18-1.8.1.src.rpm go1.18-1.18-1.8.1.x86_64.rpm go1.18-doc-1.18-1.8.1.x86_64.rpm go1.18-race-1.18-1.8.1.x86_64.rpm go1.18-1.18-1.8.1.s390x.rpm go1.18-doc-1.18-1.8.1.s390x.rpm go1.18-1.18-1.8.1.ppc64le.rpm go1.18-doc-1.18-1.8.1.ppc64le.rpm go1.18-1.18-1.8.1.aarch64.rpm go1.18-doc-1.18-1.8.1.aarch64.rpm go1.18-race-1.18-1.8.1.aarch64.rpm openSUSE-SLE-15.4-2022-846 moderate SUSE Updates openSUSE-SLE 15.4 This update ships log4j 2.17.1 to the SUSE Linux Enterprise Basesystem module. (jsc#SLE-23508) - Removed alias log4j:log4j from log4j-1.2-api, since it is not a drop-in replacement Update to 2.17.1. Fixed bugs: - JdbcAppender now uses JndiManager to access JNDI resources. JNDI is only enabled when system property log4j2.enableJndiJdbc is set to true. - Remove unused method. - ExtendedLoggerWrapper.logMessage no longer double-logs when location is requested. - log4j-to-slf4j no longer re-interpolates formatted message contents. - Correct SpringLookup package name in Interpolator. - log4j-to-slf4j takes the provided MessageFactory into account. - Fix MapLookup to lookup MapMessage before DefaultMap. - Buffered I/O checked had inverted logic in RollingFileAppenderBuidler. - Fix NPE when input is null in StrSubstitutor.replace(String, Properties). - Lookups with no prefix only read values from the configuration properties as expected. - Reduce ignored package scope of KafkaAppender. jackson-annotations-2.10.2-3.2.1.noarch.rpm jackson-annotations-2.10.2-3.2.1.src.rpm jackson-annotations-javadoc-2.10.2-3.2.1.noarch.rpm jackson-core-2.10.2-3.2.1.noarch.rpm jackson-core-2.10.2-3.2.1.src.rpm jackson-core-javadoc-2.10.2-3.2.1.noarch.rpm jackson-databind-2.10.5.1-3.5.1.noarch.rpm jackson-databind-2.10.5.1-3.5.1.src.rpm jackson-databind-javadoc-2.10.5.1-3.5.1.noarch.rpm log4j-2.17.1-4.20.1.noarch.rpm log4j-2.17.1-4.20.1.src.rpm log4j-javadoc-2.17.1-4.20.1.noarch.rpm log4j-jcl-2.17.1-4.20.1.noarch.rpm log4j-slf4j-2.17.1-4.20.1.noarch.rpm openSUSE-SLE-15.4-2022-1115 moderate SUSE Updates openSUSE-SLE 15.4 This feature update for alsa-oss provides the following changes: Update from version 1.0.28 to version 1.1.8 (bsc#1181571) - Drop the superfluous build requires `alsa-topology-devel`. It is no longer mandatory. - Avoid repetition of name in package summary and updated description. - Fix build issues with the recent `glibc` (bsc#1181571) - Update the Free Software Foundation, Inc. address - Provide binaries for non x86_64 architectures directly to SUSE Package Hub. alsa-oss-1.1.8-150300.12.3.2.src.rpm alsa-oss-1.1.8-150300.12.3.2.x86_64.rpm alsa-oss-32bit-1.1.8-150300.12.3.2.x86_64.rpm alsa-oss-1.1.8-150300.12.3.2.s390x.rpm alsa-oss-1.1.8-150300.12.3.2.ppc64le.rpm alsa-oss-1.1.8-150300.12.3.2.aarch64.rpm openSUSE-SLE-15.4-2022-902 moderate SUSE Updates openSUSE-SLE 15.4 This optional update provides the following changes: - Provide binaries for non x86_64 architectures directly to SUSE Package Hub. - There are no visible changes for the final user. - Affected source packages: argyllcms, csync csync-0.50.0-3.5.1.src.rpm csync-0.50.0-3.5.1.x86_64.rpm libcsync-devel-0.50.0-3.5.1.x86_64.rpm libcsync-devel-doc-0.50.0-3.5.1.x86_64.rpm libcsync-doc-0.50.0-3.5.1.x86_64.rpm libcsync-plugin-owncloud-0.50.0-3.5.1.x86_64.rpm libcsync-plugin-sftp-0.50.0-3.5.1.x86_64.rpm libcsync-plugin-smb-0.50.0-3.5.1.x86_64.rpm libcsync0-0.50.0-3.5.1.x86_64.rpm libcsync0-32bit-0.50.0-3.5.1.x86_64.rpm csync-0.50.0-3.5.1.s390x.rpm libcsync-devel-0.50.0-3.5.1.s390x.rpm libcsync-devel-doc-0.50.0-3.5.1.s390x.rpm libcsync-doc-0.50.0-3.5.1.s390x.rpm libcsync-plugin-owncloud-0.50.0-3.5.1.s390x.rpm libcsync-plugin-sftp-0.50.0-3.5.1.s390x.rpm libcsync-plugin-smb-0.50.0-3.5.1.s390x.rpm libcsync0-0.50.0-3.5.1.s390x.rpm csync-0.50.0-3.5.1.ppc64le.rpm libcsync-devel-0.50.0-3.5.1.ppc64le.rpm libcsync-devel-doc-0.50.0-3.5.1.ppc64le.rpm libcsync-doc-0.50.0-3.5.1.ppc64le.rpm libcsync-plugin-owncloud-0.50.0-3.5.1.ppc64le.rpm libcsync-plugin-sftp-0.50.0-3.5.1.ppc64le.rpm libcsync-plugin-smb-0.50.0-3.5.1.ppc64le.rpm libcsync0-0.50.0-3.5.1.ppc64le.rpm csync-0.50.0-3.5.1.aarch64.rpm libcsync-devel-0.50.0-3.5.1.aarch64.rpm libcsync-devel-doc-0.50.0-3.5.1.aarch64.rpm libcsync-doc-0.50.0-3.5.1.aarch64.rpm libcsync-plugin-owncloud-0.50.0-3.5.1.aarch64.rpm libcsync-plugin-sftp-0.50.0-3.5.1.aarch64.rpm libcsync-plugin-smb-0.50.0-3.5.1.aarch64.rpm libcsync0-0.50.0-3.5.1.aarch64.rpm openSUSE-SLE-15.4-2022-722 important SUSE Updates openSUSE-SLE 15.4 This update for wireshark fixes the following issues: Update to Wireshark 3.6.2: - CVE-2022-0586: RTMPT dissector infinite loop (bsc#1195866) - CVE-2022-0585: Large loops in multiple dissectors (bsc#1195867) - CVE-2022-0583: PVFS dissector crash (bsc#1195868) - CVE-2022-0582: CSN.1 dissector crash (bsc#1195869) - CVE-2022-0581: CMS dissector crash (bsc#1195870) libwireshark15-3.6.2-3.71.1.x86_64.rpm libwiretap12-3.6.2-3.71.1.x86_64.rpm libwsutil13-3.6.2-3.71.1.x86_64.rpm wireshark-3.6.2-3.71.1.src.rpm wireshark-3.6.2-3.71.1.x86_64.rpm wireshark-devel-3.6.2-3.71.1.x86_64.rpm wireshark-ui-qt-3.6.2-3.71.1.x86_64.rpm libwireshark15-3.6.2-3.71.1.s390x.rpm libwiretap12-3.6.2-3.71.1.s390x.rpm libwsutil13-3.6.2-3.71.1.s390x.rpm wireshark-3.6.2-3.71.1.s390x.rpm wireshark-devel-3.6.2-3.71.1.s390x.rpm wireshark-ui-qt-3.6.2-3.71.1.s390x.rpm libwireshark15-3.6.2-3.71.1.ppc64le.rpm libwiretap12-3.6.2-3.71.1.ppc64le.rpm libwsutil13-3.6.2-3.71.1.ppc64le.rpm wireshark-3.6.2-3.71.1.ppc64le.rpm wireshark-devel-3.6.2-3.71.1.ppc64le.rpm wireshark-ui-qt-3.6.2-3.71.1.ppc64le.rpm libwireshark15-3.6.2-3.71.1.aarch64.rpm libwiretap12-3.6.2-3.71.1.aarch64.rpm libwsutil13-3.6.2-3.71.1.aarch64.rpm wireshark-3.6.2-3.71.1.aarch64.rpm wireshark-devel-3.6.2-3.71.1.aarch64.rpm wireshark-ui-qt-3.6.2-3.71.1.aarch64.rpm openSUSE-SLE-15.4-2022-715 important SUSE Updates openSUSE-SLE 15.4 This update for nodejs14 fixes the following issues: - CVE-2021-23343: Fixed ReDoS via splitDeviceRe, splitTailRe and splitPathRe (bsc#1192153). - CVE-2021-32803: Fixed insufficient symlink protection in node-tar allowing arbitrary file creation and overwrite (bsc#1191963). - CVE-2021-32804: Fixed insufficient absolute path sanitization in node-tar allowing arbitrary file creation and overwrite (bsc#1191962). - CVE-2021-3918: Fixed improper controlled modification of object prototype attributes in json-schema (bsc#1192696). - CVE-2021-3807: Fixed regular expression denial of service (ReDoS) matching ANSI escape codes in node-ansi-regex (bsc#1192154). nodejs14-14.19.0-15.27.1.src.rpm nodejs14-14.19.0-15.27.1.x86_64.rpm nodejs14-devel-14.19.0-15.27.1.x86_64.rpm nodejs14-docs-14.19.0-15.27.1.noarch.rpm npm14-14.19.0-15.27.1.x86_64.rpm nodejs14-14.19.0-15.27.1.s390x.rpm nodejs14-devel-14.19.0-15.27.1.s390x.rpm npm14-14.19.0-15.27.1.s390x.rpm nodejs14-14.19.0-15.27.1.ppc64le.rpm nodejs14-devel-14.19.0-15.27.1.ppc64le.rpm npm14-14.19.0-15.27.1.ppc64le.rpm nodejs14-14.19.0-15.27.1.aarch64.rpm nodejs14-devel-14.19.0-15.27.1.aarch64.rpm npm14-14.19.0-15.27.1.aarch64.rpm openSUSE-SLE-15.4-2022-559 important SUSE Updates openSUSE-SLE 15.4 This update for MozillaThunderbird fixes the following issues: - Mozilla Thunderbird 91.6.1 / MFSA 2022-07 (bsc#1196072) * CVE-2022-0566 (bmo#1753094) Crafted email could trigger an out-of-bounds write - Mozilla Thunderbird 91.6 / MFSA 2022-06 (bsc#1195682) * CVE-2022-22753 (bmo#1732435) Privilege Escalation to SYSTEM on Windows via Maintenance Service * CVE-2022-22754 (bmo#1750565) Extensions could have bypassed permission confirmation during update * CVE-2022-22756 (bmo#1317873) Drag and dropping an image could have resulted in the dropped object being an executable * CVE-2022-22759 (bmo#1739957) Sandboxed iframes could have executed script if the parent appended elements * CVE-2022-22760 (bmo#1740985, bmo#1748503) Cross-Origin responses could be distinguished between script and non-script content-types * CVE-2022-22761 (bmo#1745566) frame-ancestors Content Security Policy directive was not enforced for framed extension pages * CVE-2022-22763 (bmo#1740534) Script Execution during invalid object state * CVE-2022-22764 (bmo#1742682, bmo#1744165, bmo#1746545, bmo#1748210, bmo#1748279) Memory safety bugs fixed in Thunderbird 91.6 MozillaThunderbird-91.6.1-8.54.1.src.rpm MozillaThunderbird-91.6.1-8.54.1.x86_64.rpm MozillaThunderbird-translations-common-91.6.1-8.54.1.x86_64.rpm MozillaThunderbird-translations-other-91.6.1-8.54.1.x86_64.rpm MozillaThunderbird-91.6.1-8.54.1.s390x.rpm MozillaThunderbird-translations-common-91.6.1-8.54.1.s390x.rpm MozillaThunderbird-translations-other-91.6.1-8.54.1.s390x.rpm MozillaThunderbird-91.6.1-8.54.1.ppc64le.rpm MozillaThunderbird-translations-common-91.6.1-8.54.1.ppc64le.rpm MozillaThunderbird-translations-other-91.6.1-8.54.1.ppc64le.rpm MozillaThunderbird-91.6.1-8.54.1.aarch64.rpm MozillaThunderbird-translations-common-91.6.1-8.54.1.aarch64.rpm MozillaThunderbird-translations-other-91.6.1-8.54.1.aarch64.rpm openSUSE-SLE-15.4-2022-799 moderate SUSE Updates openSUSE-SLE 15.4 This update for sssd fixes the following issues: - Remove caches only when performing a package downgrade. The sssd daemon takes care of upgrading the database format when necessary (bsc#1195552) - Fix 32-bit libraries package. Libraries were moved from sssd to sssd-common to fix bsc#1182058 and baselibs.conf was not updated accordingly; (bsc#1196166); sssd-1.16.1-150300.23.23.1.src.rpm sssd-wbclient-1.16.1-150300.23.23.1.x86_64.rpm sssd-wbclient-devel-1.16.1-150300.23.23.1.x86_64.rpm sssd-wbclient-1.16.1-150300.23.23.1.s390x.rpm sssd-wbclient-devel-1.16.1-150300.23.23.1.s390x.rpm sssd-wbclient-1.16.1-150300.23.23.1.ppc64le.rpm sssd-wbclient-devel-1.16.1-150300.23.23.1.ppc64le.rpm sssd-wbclient-1.16.1-150300.23.23.1.aarch64.rpm sssd-wbclient-devel-1.16.1-150300.23.23.1.aarch64.rpm openSUSE-SLE-15.4-2022-836 moderate SUSE Updates openSUSE-SLE 15.4 This update for gdb fixes the following issues: - Support for new IBM Z Hardware - GDB Part (jsc#SLE-22287) gdb-11.1-8.30.1.src.rpm gdb-11.1-8.30.1.x86_64.rpm gdb-testresults-11.1-8.30.1.nosrc.rpm gdb-testresults-11.1-8.30.1.x86_64.rpm gdbserver-11.1-8.30.1.x86_64.rpm gdb-11.1-8.30.1.s390x.rpm gdb-testresults-11.1-8.30.1.s390x.rpm gdbserver-11.1-8.30.1.s390x.rpm gdb-11.1-8.30.1.ppc64le.rpm gdb-testresults-11.1-8.30.1.ppc64le.rpm gdbserver-11.1-8.30.1.ppc64le.rpm gdb-11.1-8.30.1.aarch64.rpm gdb-testresults-11.1-8.30.1.aarch64.rpm gdbserver-11.1-8.30.1.aarch64.rpm openSUSE-SLE-15.4-2022-739 moderate SUSE Updates openSUSE-SLE 15.4 This update for mdadm fixes the following issues: - Monitor: print message before quit for no array to monitor (bsc#1183229) mdadm-4.1-150300.24.9.1.src.rpm mdadm-4.1-150300.24.9.1.x86_64.rpm mdadm-4.1-150300.24.9.1.s390x.rpm mdadm-4.1-150300.24.9.1.ppc64le.rpm mdadm-4.1-150300.24.9.1.aarch64.rpm openSUSE-SLE-15.4-2022-743 important SUSE Updates openSUSE-SLE 15.4 This update for cyrus-sasl fixes the following issues: - CVE-2022-24407: Fixed SQL injection in sql_auxprop_store in plugins/sql.c (bsc#1196036). The following non-security bugs were fixed: - postfix: sasl authentication with password fails (bsc#1194265). cyrus-sasl-2.1.27-150300.4.6.1.src.rpm cyrus-sasl-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-32bit-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-bdb-2.1.27-150300.4.6.1.src.rpm cyrus-sasl-bdb-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-bdb-crammd5-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-bdb-devel-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-bdb-digestmd5-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-bdb-gs2-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-bdb-gssapi-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-bdb-ntlm-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-bdb-otp-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-bdb-plain-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-bdb-scram-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-crammd5-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-crammd5-32bit-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-devel-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-devel-32bit-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-digestmd5-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-digestmd5-32bit-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-gs2-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-gssapi-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-gssapi-32bit-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-ldap-auxprop-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-ldap-auxprop-32bit-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-ldap-auxprop-bdb-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-ntlm-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-otp-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-otp-32bit-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-plain-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-plain-32bit-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-saslauthd-2.1.27-150300.4.6.1.src.rpm cyrus-sasl-saslauthd-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-saslauthd-bdb-2.1.27-150300.4.6.1.src.rpm cyrus-sasl-saslauthd-bdb-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-scram-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-sqlauxprop-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-sqlauxprop-32bit-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-sqlauxprop-bdb-2.1.27-150300.4.6.1.x86_64.rpm libsasl2-3-2.1.27-150300.4.6.1.x86_64.rpm libsasl2-3-32bit-2.1.27-150300.4.6.1.x86_64.rpm cyrus-sasl-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-bdb-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-bdb-crammd5-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-bdb-devel-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-bdb-digestmd5-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-bdb-gs2-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-bdb-gssapi-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-bdb-ntlm-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-bdb-otp-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-bdb-plain-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-bdb-scram-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-crammd5-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-devel-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-digestmd5-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-gs2-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-gssapi-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-ldap-auxprop-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-ldap-auxprop-bdb-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-ntlm-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-otp-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-plain-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-saslauthd-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-saslauthd-bdb-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-scram-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-sqlauxprop-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-sqlauxprop-bdb-2.1.27-150300.4.6.1.s390x.rpm libsasl2-3-2.1.27-150300.4.6.1.s390x.rpm cyrus-sasl-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-bdb-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-bdb-crammd5-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-bdb-devel-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-bdb-digestmd5-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-bdb-gs2-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-bdb-gssapi-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-bdb-ntlm-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-bdb-otp-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-bdb-plain-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-bdb-scram-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-crammd5-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-devel-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-digestmd5-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-gs2-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-gssapi-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-ldap-auxprop-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-ldap-auxprop-bdb-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-ntlm-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-otp-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-plain-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-saslauthd-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-saslauthd-bdb-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-scram-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-sqlauxprop-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-sqlauxprop-bdb-2.1.27-150300.4.6.1.ppc64le.rpm libsasl2-3-2.1.27-150300.4.6.1.ppc64le.rpm cyrus-sasl-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-bdb-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-bdb-crammd5-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-bdb-devel-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-bdb-digestmd5-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-bdb-gs2-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-bdb-gssapi-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-bdb-ntlm-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-bdb-otp-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-bdb-plain-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-bdb-scram-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-crammd5-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-devel-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-digestmd5-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-gs2-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-gssapi-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-ldap-auxprop-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-ldap-auxprop-bdb-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-ntlm-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-otp-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-plain-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-saslauthd-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-saslauthd-bdb-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-scram-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-sqlauxprop-2.1.27-150300.4.6.1.aarch64.rpm cyrus-sasl-sqlauxprop-bdb-2.1.27-150300.4.6.1.aarch64.rpm libsasl2-3-2.1.27-150300.4.6.1.aarch64.rpm openSUSE-SLE-15.4-2022-787 moderate SUSE Updates openSUSE-SLE 15.4 This update for openldap2 fixes the following issue: - restore CLDAP functionality in CLI tools (jsc#PM-3288) libldap-2_4-2-2.4.46-9.61.1.x86_64.rpm libldap-2_4-2-32bit-2.4.46-9.61.1.x86_64.rpm libldap-data-2.4.46-9.61.1.noarch.rpm openldap2-2.4.46-9.61.1.src.rpm openldap2-2.4.46-9.61.1.x86_64.rpm openldap2-back-meta-2.4.46-9.61.1.x86_64.rpm openldap2-back-perl-2.4.46-9.61.1.x86_64.rpm openldap2-back-sock-2.4.46-9.61.1.x86_64.rpm openldap2-back-sql-2.4.46-9.61.1.x86_64.rpm openldap2-client-2.4.46-9.61.1.x86_64.rpm openldap2-contrib-2.4.46-9.61.1.x86_64.rpm openldap2-devel-2.4.46-9.61.1.x86_64.rpm openldap2-devel-32bit-2.4.46-9.61.1.x86_64.rpm openldap2-devel-static-2.4.46-9.61.1.x86_64.rpm openldap2-doc-2.4.46-9.61.1.noarch.rpm openldap2-ppolicy-check-password-1.2-9.61.1.x86_64.rpm libldap-2_4-2-2.4.46-9.61.1.s390x.rpm openldap2-2.4.46-9.61.1.s390x.rpm openldap2-back-meta-2.4.46-9.61.1.s390x.rpm openldap2-back-perl-2.4.46-9.61.1.s390x.rpm openldap2-back-sock-2.4.46-9.61.1.s390x.rpm openldap2-back-sql-2.4.46-9.61.1.s390x.rpm openldap2-client-2.4.46-9.61.1.s390x.rpm openldap2-contrib-2.4.46-9.61.1.s390x.rpm openldap2-devel-2.4.46-9.61.1.s390x.rpm openldap2-devel-static-2.4.46-9.61.1.s390x.rpm openldap2-ppolicy-check-password-1.2-9.61.1.s390x.rpm libldap-2_4-2-2.4.46-9.61.1.ppc64le.rpm openldap2-2.4.46-9.61.1.ppc64le.rpm openldap2-back-meta-2.4.46-9.61.1.ppc64le.rpm openldap2-back-perl-2.4.46-9.61.1.ppc64le.rpm openldap2-back-sock-2.4.46-9.61.1.ppc64le.rpm openldap2-back-sql-2.4.46-9.61.1.ppc64le.rpm openldap2-client-2.4.46-9.61.1.ppc64le.rpm openldap2-contrib-2.4.46-9.61.1.ppc64le.rpm openldap2-devel-2.4.46-9.61.1.ppc64le.rpm openldap2-devel-static-2.4.46-9.61.1.ppc64le.rpm openldap2-ppolicy-check-password-1.2-9.61.1.ppc64le.rpm libldap-2_4-2-2.4.46-9.61.1.aarch64.rpm openldap2-2.4.46-9.61.1.aarch64.rpm openldap2-back-meta-2.4.46-9.61.1.aarch64.rpm openldap2-back-perl-2.4.46-9.61.1.aarch64.rpm openldap2-back-sock-2.4.46-9.61.1.aarch64.rpm openldap2-back-sql-2.4.46-9.61.1.aarch64.rpm openldap2-client-2.4.46-9.61.1.aarch64.rpm openldap2-contrib-2.4.46-9.61.1.aarch64.rpm openldap2-devel-2.4.46-9.61.1.aarch64.rpm openldap2-devel-static-2.4.46-9.61.1.aarch64.rpm openldap2-ppolicy-check-password-1.2-9.61.1.aarch64.rpm openSUSE-SLE-15.4-2022-876 moderate SUSE Updates openSUSE-SLE 15.4 This update for xorg-x11-server fixes the following issue: - Fix segmentation fault during terminal switches with multiple attached displays. (bsc#1188970) - Fix a regression that may cause gdm/lightdm fail to start. (bsc#1196577) xorg-x11-server-1.20.3-22.5.47.1.src.rpm xorg-x11-server-wayland-1.20.3-22.5.47.1.x86_64.rpm xorg-x11-server-wayland-1.20.3-22.5.47.1.s390x.rpm xorg-x11-server-wayland-1.20.3-22.5.47.1.ppc64le.rpm xorg-x11-server-wayland-1.20.3-22.5.47.1.aarch64.rpm openSUSE-SLE-15.4-2022-889 moderate SUSE Updates openSUSE-SLE 15.4 This update for postgresql10 fixes the following issues: Upgrade to version 10.20 (bsc#1195680): - Reindexing might be needed after applying this upgrade, so please read the release notes carefully https://www.postgresql.org/docs/10/release-10-20.html - Add constraints file with 12GB of memory for s390x as a workaround (bsc#1190740) - Add a llvmjit-devel subpackage to pull in the right versions of clang and llvm for building extensions - Fix some mistakes in the interdependencies between the implementation packages and their noarch counterpart postgresql10-10.20-8.44.1.src.rpm postgresql10-10.20-8.44.1.x86_64.rpm postgresql10-contrib-10.20-8.44.1.x86_64.rpm postgresql10-docs-10.20-8.44.1.noarch.rpm postgresql10-plperl-10.20-8.44.1.x86_64.rpm postgresql10-plpython-10.20-8.44.1.x86_64.rpm postgresql10-pltcl-10.20-8.44.1.x86_64.rpm postgresql10-server-10.20-8.44.1.x86_64.rpm postgresql10-test-10.20-8.44.1.x86_64.rpm postgresql10-10.20-8.44.1.s390x.rpm postgresql10-contrib-10.20-8.44.1.s390x.rpm postgresql10-plperl-10.20-8.44.1.s390x.rpm postgresql10-plpython-10.20-8.44.1.s390x.rpm postgresql10-pltcl-10.20-8.44.1.s390x.rpm postgresql10-server-10.20-8.44.1.s390x.rpm postgresql10-test-10.20-8.44.1.s390x.rpm postgresql10-10.20-8.44.1.ppc64le.rpm postgresql10-contrib-10.20-8.44.1.ppc64le.rpm postgresql10-plperl-10.20-8.44.1.ppc64le.rpm postgresql10-plpython-10.20-8.44.1.ppc64le.rpm postgresql10-pltcl-10.20-8.44.1.ppc64le.rpm postgresql10-server-10.20-8.44.1.ppc64le.rpm postgresql10-test-10.20-8.44.1.ppc64le.rpm postgresql10-10.20-8.44.1.aarch64.rpm postgresql10-contrib-10.20-8.44.1.aarch64.rpm postgresql10-plperl-10.20-8.44.1.aarch64.rpm postgresql10-plpython-10.20-8.44.1.aarch64.rpm postgresql10-pltcl-10.20-8.44.1.aarch64.rpm postgresql10-server-10.20-8.44.1.aarch64.rpm postgresql10-test-10.20-8.44.1.aarch64.rpm openSUSE-SLE-15.4-2022-726 important SUSE Updates openSUSE-SLE 15.4 This update for mariadb fixes the following issues: - Update to 10.4.24 (bsc#1196016): * 10.4.24: CVE-2021-46665 CVE-2021-46664 CVE-2021-46661 CVE-2021-46668 CVE-2021-46663 * 10.4.23: CVE-2022-24052 CVE-2022-24051 CVE-2022-24050 CVE-2022-24048 CVE-2021-46659, bsc#1195339 - The following issues have already been fixed in this package but weren't previously mentioned in the changes file: CVE-2021-46658, bsc#1195334 CVE-2021-46657, bsc#1195325 mariadb-10.4.24-3.25.1.src.rpm mariadb-galera-10.4.24-3.25.1.x86_64.rpm mariadb-galera-10.4.24-3.25.1.s390x.rpm mariadb-galera-10.4.24-3.25.1.ppc64le.rpm mariadb-galera-10.4.24-3.25.1.aarch64.rpm openSUSE-SLE-15.4-2022-725 important SUSE Updates openSUSE-SLE 15.4 This update for mariadb fixes the following issues: - Update to 10.2.43 (bsc#1196016): 10.2.43: CVE-2021-46665 CVE-2021-46664 CVE-2021-46661 CVE-2021-46668 CVE-2021-46663 10.2.42: CVE-2022-24052 CVE-2022-24051 CVE-2022-24050 CVE-2022-24048 CVE-2021-46659, bsc#1195339 - The following issues have already been fixed in this package but weren't previously mentioned in the changes file: CVE-2021-46658, bsc#1195334 CVE-2021-46657, bsc#1195325 libmysqld-devel-10.2.43-3.51.1.x86_64.rpm libmysqld19-10.2.43-3.51.1.x86_64.rpm mariadb-10.2.43-3.51.1.src.rpm libmysqld-devel-10.2.43-3.51.1.s390x.rpm libmysqld19-10.2.43-3.51.1.s390x.rpm libmysqld-devel-10.2.43-3.51.1.ppc64le.rpm libmysqld19-10.2.43-3.51.1.ppc64le.rpm libmysqld-devel-10.2.43-3.51.1.aarch64.rpm libmysqld19-10.2.43-3.51.1.aarch64.rpm openSUSE-SLE-15.4-2022-781 moderate SUSE Updates openSUSE-SLE 15.4 This optional update provides the following changes: - Provide binaries for non x86_64 architectures directly to SUSE Package Hub. - There are no visible changes for the final user. - Affected source packages: MozillaThunderbird, enigmail MozillaThunderbird-91.6.1-8.56.1.src.rpm MozillaThunderbird-91.6.1-8.56.1.x86_64.rpm MozillaThunderbird-translations-common-91.6.1-8.56.1.x86_64.rpm MozillaThunderbird-translations-other-91.6.1-8.56.1.x86_64.rpm enigmail-2.2.4-3.27.1.src.rpm enigmail-2.2.4-3.27.1.x86_64.rpm MozillaThunderbird-91.6.1-8.56.1.s390x.rpm MozillaThunderbird-translations-common-91.6.1-8.56.1.s390x.rpm MozillaThunderbird-translations-other-91.6.1-8.56.1.s390x.rpm enigmail-2.2.4-3.27.1.s390x.rpm MozillaThunderbird-91.6.1-8.56.1.ppc64le.rpm MozillaThunderbird-translations-common-91.6.1-8.56.1.ppc64le.rpm MozillaThunderbird-translations-other-91.6.1-8.56.1.ppc64le.rpm enigmail-2.2.4-3.27.1.ppc64le.rpm MozillaThunderbird-91.6.1-8.56.1.aarch64.rpm MozillaThunderbird-translations-common-91.6.1-8.56.1.aarch64.rpm MozillaThunderbird-translations-other-91.6.1-8.56.1.aarch64.rpm enigmail-2.2.4-3.27.1.aarch64.rpm openSUSE-SLE-15.4-2022-1297 low SUSE Updates openSUSE-SLE 15.4 This update for swtpm fixes the following issues: - Update to version 0.5.3 - CVE-2022-23645: Check header size indicator against expected size (bsc#1196240). swtpm-0.5.3-150300.3.3.1.src.rpm swtpm-0.5.3-150300.3.3.1.x86_64.rpm swtpm-devel-0.5.3-150300.3.3.1.x86_64.rpm swtpm-0.5.3-150300.3.3.1.s390x.rpm swtpm-devel-0.5.3-150300.3.3.1.s390x.rpm swtpm-0.5.3-150300.3.3.1.ppc64le.rpm swtpm-devel-0.5.3-150300.3.3.1.ppc64le.rpm swtpm-0.5.3-150300.3.3.1.aarch64.rpm swtpm-devel-0.5.3-150300.3.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-885 moderate SUSE Updates openSUSE-SLE 15.4 This optional update provides the following changes: - Provide binaries for non x86_64 architectures directly to SUSE Package Hub. - There are no visible changes for the final user. - Affected source packages: freerdp, libgsm libgsm-1.0.14-3.2.1.src.rpm libgsm-devel-1.0.14-3.2.1.x86_64.rpm libgsm-devel-32bit-1.0.14-3.2.1.x86_64.rpm libgsm-utils-1.0.14-3.2.1.x86_64.rpm libgsm1-1.0.14-3.2.1.x86_64.rpm libgsm1-32bit-1.0.14-3.2.1.x86_64.rpm libgsm-devel-1.0.14-3.2.1.s390x.rpm libgsm-utils-1.0.14-3.2.1.s390x.rpm libgsm1-1.0.14-3.2.1.s390x.rpm libgsm-devel-1.0.14-3.2.1.ppc64le.rpm libgsm-utils-1.0.14-3.2.1.ppc64le.rpm libgsm1-1.0.14-3.2.1.ppc64le.rpm libgsm-devel-1.0.14-3.2.1.aarch64.rpm libgsm-utils-1.0.14-3.2.1.aarch64.rpm libgsm1-1.0.14-3.2.1.aarch64.rpm openSUSE-SLE-15.4-2022-1134 moderate SUSE Updates openSUSE-SLE 15.4 This optional update provides the following changes: - Provide binaries for non x86_64 architectures directly to SUSE Package Hub. - There are no visible changes for the final user. - Affected source packages: gfbgraph, librest, gnome-online-accounts, gcr librest-0.8.1-3.2.1.src.rpm librest-0_7-0-0.8.1-3.2.1.x86_64.rpm librest-0_7-0-32bit-0.8.1-3.2.1.x86_64.rpm librest-devel-0.8.1-3.2.1.x86_64.rpm typelib-1_0-Rest-0_7-0.8.1-3.2.1.x86_64.rpm librest-0_7-0-0.8.1-3.2.1.s390x.rpm librest-devel-0.8.1-3.2.1.s390x.rpm typelib-1_0-Rest-0_7-0.8.1-3.2.1.s390x.rpm librest-0_7-0-0.8.1-3.2.1.ppc64le.rpm librest-devel-0.8.1-3.2.1.ppc64le.rpm typelib-1_0-Rest-0_7-0.8.1-3.2.1.ppc64le.rpm librest-0_7-0-0.8.1-3.2.1.aarch64.rpm librest-devel-0.8.1-3.2.1.aarch64.rpm typelib-1_0-Rest-0_7-0.8.1-3.2.1.aarch64.rpm openSUSE-SLE-15.4-2022-792 moderate SUSE Updates openSUSE-SLE 15.4 This update for suse-build-key fixes the following issues: - The old SUSE PTF key was extended, but also move it to suse_ptf_key_old.asc (as it is a DSA1024 key). - Added a new SUSE PTF key with RSA2048 bit as suse_ptf_key.asc (bsc#1196494) - Extended the expiry of SUSE Linux Enterprise 11 key (bsc#1194845) - Added SUSE Container signing key in PEM format for use e.g. by cosign. - The SUSE security key was replaced with 2022 edition (E-Mail usage only). (bsc#1196495) suse-build-key-12.0-8.19.1.noarch.rpm suse-build-key-12.0-8.19.1.src.rpm openSUSE-SLE-15.4-2022-818 important SUSE Updates openSUSE-SLE 15.4 This update for tomcat fixes the following issues: Security issues fixed: - CVE-2022-23181: Make calculation of session storage location more robust (bsc#1195255) - Remove log4j (bsc#1196137) tomcat-9.0.36-19.1.noarch.rpm tomcat-9.0.36-19.1.src.rpm tomcat-admin-webapps-9.0.36-19.1.noarch.rpm tomcat-docs-webapp-9.0.36-19.1.noarch.rpm tomcat-el-3_0-api-9.0.36-19.1.noarch.rpm tomcat-embed-9.0.36-19.1.noarch.rpm tomcat-javadoc-9.0.36-19.1.noarch.rpm tomcat-jsp-2_3-api-9.0.36-19.1.noarch.rpm tomcat-jsvc-9.0.36-19.1.noarch.rpm tomcat-lib-9.0.36-19.1.noarch.rpm tomcat-servlet-4_0-api-9.0.36-19.1.noarch.rpm tomcat-webapps-9.0.36-19.1.noarch.rpm openSUSE-SLE-15.4-2022-736 important SUSE Updates openSUSE-SLE 15.4 This update for vim fixes the following issues: - CVE-2022-0318: Fixed heap-based buffer overflow (bsc#1195004). - CVE-2021-3796: Fixed use-after-free in nv_replace() in normal.c (bsc#1190570). - CVE-2021-3872: Fixed heap-based buffer overflow in win_redr_status() drawscreen.c (bsc#1191893). - CVE-2021-3927: Fixed heap-based buffer overflow (bsc#1192481). - CVE-2021-3928: Fixed stack-based buffer overflow (bsc#1192478). - CVE-2021-4019: Fixed heap-based buffer overflow (bsc#1193294). - CVE-2021-3984: Fixed illegal memory access when C-indenting could have led to heap buffer overflow (bsc#1193298). - CVE-2021-3778: Fixed heap-based buffer overflow in regexp_nfa.c (bsc#1190533). - CVE-2021-4193: Fixed out-of-bounds read (bsc#1194216). - CVE-2021-46059: Fixed pointer dereference vulnerability via the vim_regexec_multi function at regexp.c (bsc#1194556). - CVE-2022-0319: Fixded out-of-bounds read (bsc#1195066). - CVE-2022-0351: Fixed uncontrolled recursion in eval7() (bsc#1195126). - CVE-2022-0361: Fixed buffer overflow (bsc#1195126). - CVE-2022-0413: Fixed use-after-free in src/ex_cmds.c (bsc#1195356). gvim-8.0.1568-5.17.1.x86_64.rpm vim-8.0.1568-5.17.1.src.rpm vim-8.0.1568-5.17.1.x86_64.rpm vim-data-8.0.1568-5.17.1.noarch.rpm vim-data-common-8.0.1568-5.17.1.noarch.rpm vim-small-8.0.1568-5.17.1.x86_64.rpm gvim-8.0.1568-5.17.1.s390x.rpm vim-8.0.1568-5.17.1.s390x.rpm vim-small-8.0.1568-5.17.1.s390x.rpm gvim-8.0.1568-5.17.1.ppc64le.rpm vim-8.0.1568-5.17.1.ppc64le.rpm vim-small-8.0.1568-5.17.1.ppc64le.rpm gvim-8.0.1568-5.17.1.aarch64.rpm vim-8.0.1568-5.17.1.aarch64.rpm vim-small-8.0.1568-5.17.1.aarch64.rpm openSUSE-SLE-15.4-2022-1144 important SUSE Updates openSUSE-SLE 15.4 This feature update for yast2, yast2-country, yast2-installation, autoyast2, yast2-audit-laf, yast2-fcoe-client, yast2-schema fixes the following issues: autoyst2: - Properly handle the "dopackages" option in the openFile method of the AyastSetup module (bsc#1196566) - Avoid login while running AutoYaST init-scripts (bsc#1196594, bsc#1195059) - Add yast namespace to merge.xslt to fix CDATA handling (bsc#1195910) - Modified init-scripts service dependencies fixing a root login systemd timeout when installing with ssh (bsc#1195059) yast2: - Fixed refreshing old repositories during system upgrade (bsc#1196120, bsc#1190228) yast2-audit-laf: - Set the name of the auto client in the desktop file (bsc#1196590) yast2-country: - Fixed passing multiple arguments to "localectl set-locale" (bsc#1177863) yast2-fcoe-client: - Added AutoYaST schema (bsc#1194895) yast2-installation: - Do not stop xvnc.socket but run the YaST2-Second-Stage and YaST2-Firsboot services before it in order to prevent early vnc connections (bsc#1197265) - Run the YaST2-Second-Stage and YaST2-Firsboot services after purge-kernels to prevent a zypper lock error message (bsc#1196431) - Prevent getty auto-generation because it makes xvnc fail when it is started in YaST second stage (bsc#1196614) - Avoid terminal login prompt when running Second Stage service (bsc#1196594, bsc#1195059) - Modified Second Stage service dependencies fixing a root login systemd timeout when installing with ssh (bsc#1195059) - Do not create a Btrfs snapshot at the end of the installation or upgrade when the root filesystem is mounted as read-only (jsc#SLE-22582, jsc#SLE-22560) yast2-packager: - Ensure that the file handling repositories metadata is properly closed to avoid conflicts and installation errors (bsc#1196061) yast2-schema: -Added fcoe-client schema (bsc#1194895) yast2-schema-4.3.28-150300.3.12.1.src.rpm yast2-schema-4.3.28-150300.3.12.1.x86_64.rpm yast2-schema-4.3.28-150300.3.12.1.s390x.rpm yast2-schema-4.3.28-150300.3.12.1.ppc64le.rpm yast2-schema-4.3.28-150300.3.12.1.aarch64.rpm openSUSE-SLE-15.4-2022-658 moderate SUSE Updates openSUSE-SLE 15.4 This update for mysql-connector-java fixes the following issues: - CVE-2021-2471: Fixed unauthorized access to critical data or complete access to all MySQL Connectors (bsc#1195557). mysql-connector-java-5.1.47-3.6.1.noarch.rpm mysql-connector-java-5.1.47-3.6.1.src.rpm openSUSE-SLE-15.4-2022-911 moderate SUSE Updates openSUSE-SLE 15.4 This feature update for libbluray fixes the following issues: Update to version 1.3.0 (jsc#SLE-23838): - Remove unused dependencies from pkgconfig(libbluray) - Enable build against java-devel >= 10. - Add functions to list and read BD-ROM files. - Add initial support for .fmts files. - Add initial support for OpenJDK 11. - Add initial support for UHD disc BD-J menus. - Add support for AWT mouse events (BD-J). - Add support for compiling .jar file with Java 9+ compiler. - Add support for separate key pressed / typed / released user input events. - Enable playback without menus when index.bdmv is missing. - Fix JVM bootstrap issues with some Java 9 versions. - Fix build with Java 1.6. - Fix build with OpenJDK 12 / 13. - Fix creating organization and disc specific BD-J BUDA directories. - Fix memory leak - Fix loading classes with Windows Java 8. - Fix loading libmmbd in Windows 64-bit. - Fix long delay in "Evangelion, You are (not) alone" menu. - Fix mark triggering when multiple marks are passed during single read(). - Fix playback of discs without normal titles (only TopMenu / FirstPlay title). - Fix playback of some broken BD-J discs. - Fix polygon-based BD-J graphics primitives. - Fix reading resources indirectly from mounted .jar file. - Fix resetting user-selected streams when playing without menus. - Fix seek bar pop-up at chapter boundary with some discs. - Fix sign extended bytes when reading single bytes in BDJ. - Fix stack overflow when using Java9+ with debugger connection. - Improve BD-J compability. - Improve JVM and .jar file probing. - Improve Java 8+ compability. - Improve UHD metadata support. - Improve error resilience and stability. - Improve main title selection. - Improve missing/broken playlist handling. - Improve portability. - Move AWT classes to separate .jar file. - Rename list_titles to bd_list_titles and add it to installed programs. - Update libudfread submodule repository URL. - Use external libudfread when available. libbluray-1.3.0-150300.10.3.1.src.rpm libbluray-bdj-1.3.0-150300.10.3.1.noarch.rpm libbluray-devel-1.3.0-150300.10.3.1.x86_64.rpm libbluray-tools-1.3.0-150300.10.3.1.x86_64.rpm libbluray2-1.3.0-150300.10.3.1.x86_64.rpm libbluray2-32bit-1.3.0-150300.10.3.1.x86_64.rpm libbluray-devel-1.3.0-150300.10.3.1.s390x.rpm libbluray-tools-1.3.0-150300.10.3.1.s390x.rpm libbluray2-1.3.0-150300.10.3.1.s390x.rpm libbluray-devel-1.3.0-150300.10.3.1.ppc64le.rpm libbluray-tools-1.3.0-150300.10.3.1.ppc64le.rpm libbluray2-1.3.0-150300.10.3.1.ppc64le.rpm libbluray-devel-1.3.0-150300.10.3.1.aarch64.rpm libbluray-tools-1.3.0-150300.10.3.1.aarch64.rpm libbluray2-1.3.0-150300.10.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-772 moderate SUSE Updates openSUSE-SLE 15.4 This update for icewm-theme-branding fixes the following issues: - Fix font configuration after google-droid-fonts update (bsc#1195328 bsc#1196336) icewm-theme-branding-1.2.5-150300.5.3.1.noarch.rpm icewm-theme-branding-1.2.5-150300.5.3.1.src.rpm openSUSE-SLE-15.4-2022-864 important SUSE Updates openSUSE-SLE 15.4 This update for SAPHanaSR fixes the following issues: - Add systemd support for the resource agent to interact with the new SAP unit files for sapstartsrv. As the new version of the SAP Startup Framework will use systemd unit files to control the sapstartsrv process instead of the previous used SysV init script, the handling of sapstartsrv inside the resource agents is adapted to support both ways. (bsc#1189530, bsc#1189531) - The resource start and stop timeout is now configurable by increasing the timeout for the action 'start' and/or 'stop'. 95% of this action timeouts will be used to calculate the new resource start and stop timeout for the 'WaitforStarted' and 'WaitforStopped' functions. If the new, calculated timeout value is less than '3600', it will be set to '3600', so that we do not decrease this timeout by accident. (bsc#1182545) - Change promotion scoring during maintenance procedure to prevent that both sides have an equal promotion scoring after refresh which might result in a critical promotion of the secondary. (bsc#1174557) - Update of man page SAPHanaSR.py.7 - correct the supported HANA version (bsc#1182201) - If the $hdbState command fails to retrieve the current state of the System Replication, the resource agent now uses the system_replication/actual_mode attribute (if available) from the global.ini file as a fallback. This should prevent some confusing and misleading log messages during a takeover and solves the problem of a not working takeover back (after a successful first takeover) (bsc#1181765) - Add dedicated logging of HANA_CALL problems. It is now possible to identify if the called `hana` command or the needed `su` command throws the error, and for further hints it logs the stderr output. Additionally it is possible to get regular log messages for the used commands, their return code and their stderr output by enabling the 'debug' mode of the resource agents (bsc#1182774) SAPHanaSR-0.155.0-4.17.1.noarch.rpm SAPHanaSR-0.155.0-4.17.1.src.rpm SAPHanaSR-doc-0.155.0-4.17.1.noarch.rpm openSUSE-SLE-15.4-2022-735 important SUSE Updates openSUSE-SLE 15.4 This update for zsh fixes the following issues: - CVE-2021-45444: Fixed a vulnerability where arbitrary shell commands could be executed related to prompt expansion (bsc#1196435). - CVE-2019-20044: Fixed a vulnerability where shell privileges would not be properly dropped when unsetting the PRIVILEGED option (bsc#1163882). zsh-5.6-7.5.1.src.rpm zsh-5.6-7.5.1.x86_64.rpm zsh-htmldoc-5.6-7.5.1.x86_64.rpm zsh-5.6-7.5.1.s390x.rpm zsh-htmldoc-5.6-7.5.1.s390x.rpm zsh-5.6-7.5.1.ppc64le.rpm zsh-htmldoc-5.6-7.5.1.ppc64le.rpm zsh-5.6-7.5.1.aarch64.rpm zsh-htmldoc-5.6-7.5.1.aarch64.rpm openSUSE-SLE-15.4-2022-1273 important SUSE Updates openSUSE-SLE 15.4 This update for SDL fixes the following issues: - CVE-2020-14409: Fixed an integer overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c. (bsc#1181202) - CVE-2020-14410: Fixed a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c. (bsc#1181201) - CVE-2021-33657: Fixed a Heap overflow problem in video/SDL_pixels.c. (bsc#1198001) SDL-1.2.15-150000.3.19.1.src.rpm libSDL-1_2-0-1.2.15-150000.3.19.1.x86_64.rpm libSDL-1_2-0-32bit-1.2.15-150000.3.19.1.x86_64.rpm libSDL-devel-1.2.15-150000.3.19.1.x86_64.rpm libSDL-devel-32bit-1.2.15-150000.3.19.1.x86_64.rpm libSDL-1_2-0-1.2.15-150000.3.19.1.s390x.rpm libSDL-devel-1.2.15-150000.3.19.1.s390x.rpm libSDL-1_2-0-1.2.15-150000.3.19.1.ppc64le.rpm libSDL-devel-1.2.15-150000.3.19.1.ppc64le.rpm libSDL-1_2-0-1.2.15-150000.3.19.1.aarch64.rpm libSDL-devel-1.2.15-150000.3.19.1.aarch64.rpm openSUSE-SLE-15.4-2022-915 moderate SUSE Updates openSUSE-SLE 15.4 This update for lapack fixes the following issues: - CVE-2021-4048: Fixed an out of bounds read when user input was not validated properly (bsc#1193562). blas-devel-3.5.0-4.6.1.x86_64.rpm blas-devel-32bit-3.5.0-4.6.1.x86_64.rpm blas-devel-static-3.5.0-4.6.1.x86_64.rpm blas-man-3.5.0-4.6.1.noarch.rpm lapack-3.5.0-4.6.1.src.rpm lapack-devel-3.5.0-4.6.1.x86_64.rpm lapack-devel-32bit-3.5.0-4.6.1.x86_64.rpm lapack-devel-static-3.5.0-4.6.1.x86_64.rpm lapack-man-3.5.0-4.6.1.noarch.rpm lapack-man-3.5.0-4.6.1.src.rpm lapacke-devel-3.5.0-4.6.1.x86_64.rpm lapacke-devel-32bit-3.5.0-4.6.1.x86_64.rpm lapacke-devel-static-3.5.0-4.6.1.x86_64.rpm libblas3-3.5.0-4.6.1.x86_64.rpm libblas3-32bit-3.5.0-4.6.1.x86_64.rpm liblapack3-3.5.0-4.6.1.x86_64.rpm liblapack3-32bit-3.5.0-4.6.1.x86_64.rpm liblapacke3-3.5.0-4.6.1.x86_64.rpm liblapacke3-32bit-3.5.0-4.6.1.x86_64.rpm blas-devel-3.5.0-4.6.1.s390x.rpm blas-devel-static-3.5.0-4.6.1.s390x.rpm lapack-devel-3.5.0-4.6.1.s390x.rpm lapack-devel-static-3.5.0-4.6.1.s390x.rpm lapacke-devel-3.5.0-4.6.1.s390x.rpm lapacke-devel-static-3.5.0-4.6.1.s390x.rpm libblas3-3.5.0-4.6.1.s390x.rpm liblapack3-3.5.0-4.6.1.s390x.rpm liblapacke3-3.5.0-4.6.1.s390x.rpm blas-devel-3.5.0-4.6.1.ppc64le.rpm blas-devel-static-3.5.0-4.6.1.ppc64le.rpm lapack-devel-3.5.0-4.6.1.ppc64le.rpm lapack-devel-static-3.5.0-4.6.1.ppc64le.rpm lapacke-devel-3.5.0-4.6.1.ppc64le.rpm lapacke-devel-static-3.5.0-4.6.1.ppc64le.rpm libblas3-3.5.0-4.6.1.ppc64le.rpm liblapack3-3.5.0-4.6.1.ppc64le.rpm liblapacke3-3.5.0-4.6.1.ppc64le.rpm blas-devel-3.5.0-4.6.1.aarch64.rpm blas-devel-static-3.5.0-4.6.1.aarch64.rpm lapack-devel-3.5.0-4.6.1.aarch64.rpm lapack-devel-static-3.5.0-4.6.1.aarch64.rpm lapacke-devel-3.5.0-4.6.1.aarch64.rpm lapacke-devel-static-3.5.0-4.6.1.aarch64.rpm libblas3-3.5.0-4.6.1.aarch64.rpm liblapack3-3.5.0-4.6.1.aarch64.rpm liblapacke3-3.5.0-4.6.1.aarch64.rpm openSUSE-SLE-15.4-2022-682 important SUSE Updates openSUSE-SLE 15.4 This update for supportutils-plugin-suse-public-cloud fixes the following issues: - Update to version 1.0.6 (bsc#1195095, bsc#1195096) - Include cloud-init logs whenever they are present - Update the packages we track in AWS, Azure, and Google - Include the ecs logs for AWS ECS instances supportutils-plugin-suse-public-cloud-1.0.6-3.9.1.noarch.rpm supportutils-plugin-suse-public-cloud-1.0.6-3.9.1.src.rpm openSUSE-SLE-15.4-2022-802 important SUSE Updates openSUSE-SLE 15.4 This update for python-libxml2-python fixes the following issues: - CVE-2022-23308: Fixed a use-after-free of ID and IDREF attributes (bsc#1196490). python-libxml2-python-2.9.7-3.40.1.src.rpm python2-libxml2-python-2.9.7-3.40.1.x86_64.rpm python3-libxml2-python-2.9.7-3.40.1.x86_64.rpm python2-libxml2-python-2.9.7-3.40.1.s390x.rpm python3-libxml2-python-2.9.7-3.40.1.s390x.rpm python2-libxml2-python-2.9.7-3.40.1.ppc64le.rpm python3-libxml2-python-2.9.7-3.40.1.ppc64le.rpm python2-libxml2-python-2.9.7-3.40.1.aarch64.rpm python3-libxml2-python-2.9.7-3.40.1.aarch64.rpm openSUSE-SLE-15.4-2022-768 important SUSE Updates openSUSE-SLE 15.4 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer (BHB), named "Branch Target Injection" and "Intra-Mode Branch History Injection" are now mitigated. The following security bugs were fixed: - CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580). - CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580). - CVE-2022-0847: Fixed a vulnerability were a local attackers could overwrite data in arbitrary (read-only) files (bsc#1196584). - CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079) - CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd() (bsc#1196155). - CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987). - CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897). - CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516). - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543). - CVE-2022-24448: Fixed an issue in fs/nfs/dir.c. If an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612). The following non-security bugs were fixed: - crypto: af_alg - get_page upon reassignment to TX SGL (bsc#1195840). - lib/iov_iter: initialize "flags" in new pipe_buffer (bsc#1196584). kernel-debug-4.12.14-197.108.1.nosrc.rpm True kernel-debug-base-4.12.14-197.108.1.x86_64.rpm True kernel-default-4.12.14-197.108.1.nosrc.rpm True kernel-kvmsmall-4.12.14-197.108.1.nosrc.rpm True kernel-kvmsmall-base-4.12.14-197.108.1.x86_64.rpm True kernel-vanilla-4.12.14-197.108.1.nosrc.rpm True kernel-vanilla-4.12.14-197.108.1.x86_64.rpm True kernel-vanilla-base-4.12.14-197.108.1.x86_64.rpm True kernel-vanilla-devel-4.12.14-197.108.1.x86_64.rpm True kernel-vanilla-livepatch-devel-4.12.14-197.108.1.x86_64.rpm True kernel-default-man-4.12.14-197.108.1.s390x.rpm True kernel-vanilla-4.12.14-197.108.1.s390x.rpm True kernel-vanilla-base-4.12.14-197.108.1.s390x.rpm True kernel-vanilla-devel-4.12.14-197.108.1.s390x.rpm True kernel-vanilla-livepatch-devel-4.12.14-197.108.1.s390x.rpm True kernel-zfcpdump-4.12.14-197.108.1.nosrc.rpm True kernel-zfcpdump-man-4.12.14-197.108.1.s390x.rpm True kernel-debug-base-4.12.14-197.108.1.ppc64le.rpm True kernel-vanilla-4.12.14-197.108.1.ppc64le.rpm True kernel-vanilla-base-4.12.14-197.108.1.ppc64le.rpm True kernel-vanilla-devel-4.12.14-197.108.1.ppc64le.rpm True kernel-vanilla-livepatch-devel-4.12.14-197.108.1.ppc64le.rpm True kernel-vanilla-4.12.14-197.108.1.aarch64.rpm True kernel-vanilla-base-4.12.14-197.108.1.aarch64.rpm True kernel-vanilla-devel-4.12.14-197.108.1.aarch64.rpm True kernel-vanilla-livepatch-devel-4.12.14-197.108.1.aarch64.rpm True openSUSE-SLE-15.4-2022-720 moderate SUSE Updates openSUSE-SLE 15.4 This update for containerd fixes the following issues: - CVE-2022-23648: A specially-crafted image configuration could gain access to read-only copies of arbitrary files and directories on the host (bsc#1196441). containerd-1.4.12-63.1.src.rpm containerd-1.4.12-63.1.x86_64.rpm containerd-ctr-1.4.12-63.1.x86_64.rpm containerd-1.4.12-63.1.s390x.rpm containerd-ctr-1.4.12-63.1.s390x.rpm containerd-1.4.12-63.1.ppc64le.rpm containerd-ctr-1.4.12-63.1.ppc64le.rpm containerd-1.4.12-63.1.aarch64.rpm containerd-ctr-1.4.12-63.1.aarch64.rpm openSUSE-SLE-15.4-2022-1208 moderate SUSE Updates openSUSE-SLE 15.4 This update for vncmanager fixes the following issues: - Consider different pixel format depths on Tight Encoding. TightPixel was considering only pixels defined with 3 bytes. (bsc#1189247) - Fix tight decoder with 888 pixel encodings. (bsc#1169732, bsc#1171344) - Fix PixelFormat::ntoh() and PixelFormat::hton(). (bsc#1169732, bsc#1171344) - Fix tight compression decoder on big-endian systems. (bsc#1171344) vncmanager-1.0.2-150000.4.9.3.src.rpm vncmanager-1.0.2-150000.4.9.3.x86_64.rpm vncmanager-1.0.2-150000.4.9.3.s390x.rpm vncmanager-1.0.2-150000.4.9.3.ppc64le.rpm vncmanager-1.0.2-150000.4.9.3.aarch64.rpm openSUSE-SLE-15.4-2022-815 moderate SUSE Updates openSUSE-SLE 15.4 This update for flac fixes the following issues: - CVE-2021-0561: Fixed out of bound write in append_to_verify_fifo_interleaved_ (bsc#1196660). flac-1.3.2-3.9.1.src.rpm flac-1.3.2-3.9.1.x86_64.rpm flac-devel-1.3.2-3.9.1.x86_64.rpm flac-devel-32bit-1.3.2-3.9.1.x86_64.rpm flac-doc-1.3.2-3.9.1.noarch.rpm libFLAC++6-1.3.2-3.9.1.x86_64.rpm libFLAC++6-32bit-1.3.2-3.9.1.x86_64.rpm libFLAC8-1.3.2-3.9.1.x86_64.rpm libFLAC8-32bit-1.3.2-3.9.1.x86_64.rpm flac-1.3.2-3.9.1.s390x.rpm flac-devel-1.3.2-3.9.1.s390x.rpm libFLAC++6-1.3.2-3.9.1.s390x.rpm libFLAC8-1.3.2-3.9.1.s390x.rpm flac-1.3.2-3.9.1.ppc64le.rpm flac-devel-1.3.2-3.9.1.ppc64le.rpm libFLAC++6-1.3.2-3.9.1.ppc64le.rpm libFLAC8-1.3.2-3.9.1.ppc64le.rpm flac-1.3.2-3.9.1.aarch64.rpm flac-devel-1.3.2-3.9.1.aarch64.rpm libFLAC++6-1.3.2-3.9.1.aarch64.rpm libFLAC8-1.3.2-3.9.1.aarch64.rpm openSUSE-SLE-15.4-2022-760 important SUSE Updates openSUSE-SLE 15.4 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. Transient execution side-channel attacks attacking the Branch History Buffer (BHB), named "Branch Target Injection" and "Intra-Mode Branch History Injection" are now mitigated. The following security bugs were fixed: - CVE-2022-0001: Fixed Branch History Injection vulnerability (bsc#1191580). - CVE-2022-0002: Fixed Intra-Mode Branch Target Injection vulnerability (bsc#1191580). - CVE-2022-0847: Fixed a vulnerability were a local attackers could overwrite data in arbitrary (read-only) files (bsc#1196584). - CVE-2022-25375: The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory (bnc#1196235 ). - CVE-2022-0492: Fixed a privilege escalation related to cgroups v1 release_agent feature, which allowed bypassing namespace isolation unexpectedly (bsc#1195543). - CVE-2022-0516: Fixed missing check in ioctl related to KVM in s390 allows kernel memory read/write (bsc#1195516). The following non-security bugs were fixed: - ACPI/IORT: Check node revision for PMCG resources (git-fixes). - ALSA: hda/realtek: Add missing fixup-model entry for Gigabyte X570 ALC1220 quirks (git-fixes). - ALSA: hda/realtek: Add quirk for ASUS GU603 (git-fixes). - ALSA: hda/realtek: Fix silent output on Gigabyte X570 Aorus Xtreme after reboot from Windows (git-fixes). - ALSA: hda/realtek: Fix silent output on Gigabyte X570S Aorus Master (newer chipset) (git-fixes). - ALSA: hda: Fix missing codec probe on Shenker Dock 15 (git-fixes). - ALSA: hda: Fix regression on forced probe mask option (git-fixes). - ASoC: Revert "ASoC: mediatek: Check for error clk pointer" (git-fixes). - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw() (git-fixes). - ASoC: ops: Fix stereo change notifications in snd_soc_put_volsw_range() (git-fixes). - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() (git-fixes). - ASoC: ops: Reject out of bounds values in snd_soc_put_volsw_sx() (git-fixes). - ASoC: ops: Reject out of bounds values in snd_soc_put_xr_sx() (git-fixes). - Align s390 NVME target options with other architectures (bsc#1188404, jsc#SLE-22494). - Drop PCI xgene patch that caused a regression for mxl4 (bsc#1195352) - EDAC/xgene: Fix deferred probing (bsc#1178134). - HID:Add support for UGTABLET WP5540 (git-fixes). - IB/cma: Do not send IGMP leaves for sendonly Multicast groups (git-fixes). - IB/hfi1: Fix AIP early init panic (jsc#SLE-13208). - KVM: remember position in kvm->vcpus array (bsc#1190972 LTC#194674). - NFSD: Fix the behavior of READ near OFFSET_MAX (bsc#1195957). - PM: hibernate: Remove register_nosave_region_late() (git-fixes). - PM: s2idle: ACPI: Fix wakeup interrupts handling (git-fixes). - RDMA/cma: Use correct address when leaving multicast group (bsc#1181147). - RDMA/core: Always release restrack object (git-fixes) - RDMA/cxgb4: check for ipv6 address properly while destroying listener (git-fixes) - RDMA/siw: Release xarray entry (git-fixes) - RDMA/ucma: Protect mc during concurrent multicast leaves (bsc#1181147). - USB: serial: ch341: add support for GW Instek USB2.0-Serial devices (git-fixes). - USB: serial: cp210x: add CPI Bulk Coin Recycler id (git-fixes). - USB: serial: cp210x: add NCR Retail IO box id (git-fixes). - USB: serial: ftdi_sio: add support for Brainboxes US-159/235/320 (git-fixes). - USB: serial: mos7840: remove duplicated 0xac24 device ID (git-fixes). - USB: serial: option: add ZTE MF286D modem (git-fixes). - ata: libata-core: Disable TRIM on M88V29 (git-fixes). - ax25: improve the incomplete fix to avoid UAF and NPD bugs (git-fixes). - blk-mq: always allow reserved allocation in hctx_may_queue (bsc#1193787). - blk-mq: avoid to iterate over stale request (bsc#1193787). - blk-mq: clear stale request in tags->rq before freeing one request pool (bsc#1193787). - blk-mq: clearing flush request reference in tags->rqs (bsc#1193787). - blk-mq: do not grab rq's refcount in blk_mq_check_expired() (bsc#1193787 git-fixes). - blk-mq: fix is_flush_rq (bsc#1193787 git-fixes). - blk-mq: fix kernel panic during iterating over flush request (bsc#1193787 git-fixes). - blk-mq: grab rq->refcount before calling ->fn in blk_mq_tagset_busy_iter (bsc#1193787). - blk-mq: mark flush request as IDLE in flush_end_io() (bsc#1193787). - blk-tag: Hide spin_lock (bsc#1193787). - block: avoid double io accounting for flush request (bsc#1193787). - block: do not send a rezise udev event for hidden block device (bsc#1193096). - block: mark flush request as IDLE when it is really finished (bsc#1193787). - bonding: pair enable_port with slave_arr_updates (git-fixes). - bpf: Adjust BTF log size limit (git-fixes). - bpf: Disallow BPF_LOG_KERNEL log level for bpf(BPF_BTF_LOAD) (git-fixes). - btrfs: check for missing device in btrfs_trim_fs (bsc#1195701). - btrfs: check worker before need_preemptive_reclaim (bsc#1196195). - btrfs: do not do preemptive flushing if the majority is global rsv (bsc#1196195). - btrfs: do not include the global rsv size in the preemptive used amount (bsc#1196195). - btrfs: handle preemptive delalloc flushing slightly differently (bsc#1196195). - btrfs: make sure SB_I_VERSION does not get unset by remount (bsc#1192210). - btrfs: only clamp the first time we have to start flushing (bsc#1196195). - btrfs: only ignore delalloc if delalloc is much smaller than ordered (bsc#1196195). - btrfs: reduce the preemptive flushing threshold to 90% (bsc#1196195). - btrfs: take into account global rsv in need_preemptive_reclaim (bsc#1196195). - btrfs: use the global rsv size in the preemptive thresh calculation (bsc#1196195). - ceph: properly put ceph_string reference after async create attempt (bsc#1195798). - ceph: set pool_ns in new inode layout for async creates (bsc#1195799). - drm/amdgpu: fix logic inversion in check (git-fixes). - drm/i915/gvt: Make DRM_I915_GVT depend on X86 (git-fixes). - drm/i915/gvt: clean up kernel-doc in gtt.c (git-fixes). - drm/i915/opregion: check port number bounds for SWSCI display power state (git-fixes). - drm/i915: Correctly populate use_sagv_wm for all pipes (git-fixes). - drm/i915: Fix bw atomic check when switching between SAGV vs. no SAGV (git-fixes). - drm/panel: simple: Assign data from panel_dpi_probe() correctly (git-fixes). - drm/radeon: Fix backlight control on iMac 12,1 (git-fixes). - drm/rockchip: dw_hdmi: Do not leave clock enabled in error case (git-fixes). - drm/rockchip: vop: Correct RK3399 VOP register fields (git-fixes). - drm/vc4: hdmi: Allow DBLCLK modes even if horz timing is odd (git-fixes). - drm: panel-orientation-quirks: Add quirk for the 1Netbook OneXPlayer (git-fixes). - ext4: check for inconsistent extents between index and leaf block (bsc#1194163 bsc#1196339). - ext4: check for out-of-order index extents in ext4_valid_extent_entries() (bsc#1194163 bsc#1196339). - ext4: prevent partial update of the extent blocks (bsc#1194163 bsc#1196339). - gve: Add RX context (bsc#1191655). - gve: Add a jumbo-frame device option (bsc#1191655). - gve: Add consumed counts to ethtool stats (bsc#1191655). - gve: Add optional metadata descriptor type GVE_TXD_MTD (bsc#1191655). - gve: Correct order of processing device options (bsc#1191655). - gve: Fix GFP flags when allocing pages (git-fixes). - gve: Fix off by one in gve_tx_timeout() (bsc#1191655). - gve: Implement packet continuation for RX (bsc#1191655). - gve: Implement suspend/resume/shutdown (bsc#1191655). - gve: Move the irq db indexes out of the ntfy block struct (bsc#1191655). - gve: Recording rx queue before sending to napi (bsc#1191655). - gve: Recover from queue stall due to missed IRQ (bsc#1191655). - gve: Update gve_free_queue_page_list signature (bsc#1191655). - gve: Use kvcalloc() instead of kvzalloc() (bsc#1191655). - gve: fix for null pointer dereference (bsc#1191655). - gve: fix the wrong AdminQ buffer queue index check (bsc#1176940). - gve: fix unmatched u64_stats_update_end() (bsc#1191655). - gve: remove memory barrier around seqno (bsc#1191655). - i2c: brcmstb: fix support for DSL and CM variants (git-fixes). - i40e: Fix for failed to init adminq while VF reset (git-fixes). - i40e: Fix issue when maximum queues is exceeded (git-fixes). - i40e: Fix queues reservation for XDP (git-fixes). - i40e: Increase delay to 1 s after global EMP reset (git-fixes). - i40e: fix unsigned stat widths (git-fixes). - ibmvnic: Allow queueing resets during probe (bsc#1196516 ltc#196391). - ibmvnic: clear fop when retrying probe (bsc#1196516 ltc#196391). - ibmvnic: complete init_done on transport events (bsc#1196516 ltc#196391). - ibmvnic: define flush_reset_queue helper (bsc#1196516 ltc#196391). - ibmvnic: do not release napi in __ibmvnic_open() (bsc#1195668 ltc#195811). - ibmvnic: free reset-work-item when flushing (bsc#1196516 ltc#196391). - ibmvnic: init init_done_rc earlier (bsc#1196516 ltc#196391). - ibmvnic: initialize rc before completing wait (bsc#1196516 ltc#196391). - ibmvnic: register netdev after init of adapter (bsc#1196516 ltc#196391). - ibmvnic: schedule failover only if vioctl fails (bsc#1196400 ltc#195815). - ice: fix IPIP and SIT TSO offload (git-fixes). - ice: fix an error code in ice_cfg_phy_fec() (jsc#SLE-12878). - ima: Allow template selection with ima_template[_fmt]= after ima_hash= (git-fixes). - ima: Do not print policy rule with inactive LSM labels (git-fixes). - ima: Remove ima_policy file before directory (git-fixes). - integrity: Make function integrity_add_key() static (git-fixes). - integrity: check the return value of audit_log_start() (git-fixes). - integrity: double check iint_cache was initialized (git-fixes). - iommu/amd: Fix loop timeout issue in iommu_ga_log_enable() (git-fixes). - iommu/amd: Remove useless irq affinity notifier (git-fixes). - iommu/amd: Restore GA log/tail pointer on host resume (git-fixes). - iommu/amd: X2apic mode: mask/unmask interrupts on suspend/resume (git-fixes). - iommu/amd: X2apic mode: re-enable after resume (git-fixes). - iommu/amd: X2apic mode: setup the INTX registers on mask/unmask (git-fixes). - iommu/io-pgtable-arm-v7s: Add error handle for page table allocation failure (git-fixes). - iommu/io-pgtable-arm: Fix table descriptor paddr formatting (git-fixes). - iommu/iova: Fix race between FQ timeout and teardown (git-fixes). - iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() (git-fixes). - iwlwifi: fix use-after-free (git-fixes). - iwlwifi: pcie: fix locking when "HW not ready" (git-fixes). - iwlwifi: pcie: gen2: fix locking when "HW not ready" (git-fixes). - ixgbevf: Require large buffers for build_skb on 82599VF (git-fixes). - kABI fixup after adding vcpu_idx to struct kvm_cpu (bsc#1190972 LTC#194674). - kABI: Fix kABI for AMD IOMMU driver (git-fixes). - kabi: Hide changes to s390/AP structures (jsc#SLE-20807). - lib/iov_iter: initialize "flags" in new pipe_buffer (bsc#1196584). - libsubcmd: Fix use-after-free for realloc(..., 0) (git-fixes). - md/raid5: fix oops during stripe resizing (bsc#1181588). - misc: fastrpc: avoid double fput() on failed usercopy (git-fixes). - mmc: sdhci-of-esdhc: Check for error num after setting mask (git-fixes). - mtd: rawnand: brcmnand: Fixed incorrect sub-page ECC status (git-fixes). - mtd: rawnand: gpmi: do not leak PM reference in error path (git-fixes). - mtd: rawnand: qcom: Fix clock sequencing in qcom_nandc_probe() (git-fixes). - net/ibmvnic: Cleanup workaround doing an EOI after partition migration (bsc#1089644 ltc#166495 ltc#165544 git-fixes). - net/mlx5e: Fix handling of wrong devices during bond netevent (jsc#SLE-15172). - net: macb: Align the dma and coherent dma masks (git-fixes). - net: mdio: aspeed: Add missing MODULE_DEVICE_TABLE (bsc#1176447). - net: phy: marvell: Fix MDI-x polarity setting in 88e1118-compatible PHYs (git-fixes). - net: phy: marvell: Fix RGMII Tx/Rx delays setting in 88e1121-compatible PHYs (git-fixes). - net: phy: marvell: configure RGMII delays for 88E1118 (git-fixes). - net: usb: qmi_wwan: Add support for Dell DW5829e (git-fixes). - nfp: flower: fix ida_idx not being released (bsc#1154353). - nfsd: allow delegation state ids to be revoked and then freed (bsc#1192483). - nfsd: allow lock state ids to be revoked and then freed (bsc#1192483). - nfsd: allow open state ids to be revoked and then freed (bsc#1192483). - nfsd: do not admin-revoke NSv4.0 state ids (bsc#1192483). - nfsd: prepare for supporting admin-revocation of state (bsc#1192483). - nvme-fabrics: fix state check in nvmf_ctlr_matches_baseopts() (bsc#1195012). - nvme: also mark passthrough-only namespaces ready in nvme_update_ns_info (git-fixes). - nvme: do not return an error from nvme_configure_metadata (git-fixes). - nvme: let namespace probing continue for unsupported features (git-fixes). - powerpc/64: Move paca allocation later in boot (bsc#1190812). - powerpc/64s: Fix debugfs_simple_attr.cocci warnings (bsc#1157038 bsc#1157923 ltc#182612 git-fixes). - powerpc/pseries/ddw: Revert "Extend upper limit for huge DMA window for persistent memory" (bsc#1195995 ltc#196394). - powerpc/pseries: read the lpar name from the firmware (bsc#1187716 ltc#193451). - powerpc: Set crashkernel offset to mid of RMA region (bsc#1190812). - powerpc: add link stack flush mitigation status in debugfs (bsc#1157038 bsc#1157923 ltc#182612 git-fixes). - s390/AP: support new dynamic AP bus size limit (jsc#SLE-20807). - s390/bpf: Fix 64-bit subtraction of the -0x80000000 constant (git-fixes). - s390/bpf: Fix optimizing out zero-extensions (git-fixes). - s390/cio: make ccw_device_dma_* more robust (bsc#1193243 LTC#195549). - s390/cio: verify the driver availability for path_event call (bsc#1195928 LTC#196418). - s390/cpumf: Support for CPU Measurement Facility CSVN 7 (bsc#1195081 LTC#196088). - s390/cpumf: Support for CPU Measurement Sampling Facility LS bit (bsc#1195081 LTC#196088). - s390/pci: add s390_iommu_aperture kernel parameter (bsc#1193233 LTC#195540). - s390/pci: move pseudo-MMIO to prevent MIO overlap (bsc#1194967 LTC#196028). - s390/protvirt: fix error return code in uv_info_init() (jsc#SLE-22135). - s390/sclp: fix Secure-IPL facility detection (bsc#1191741 LTC#194816). - s390/uv: add prot virt guest/host indication files (jsc#SLE-22135). - s390/uv: fix prot virt host indication compilation (jsc#SLE-22135). - scsi: core: Add a new error code DID_TRANSPORT_MARGINAL in scsi.h (bsc#1195506). - scsi: core: Add limitless cmd retry support (bsc#1195506). - scsi: core: No retries on abort success (bsc#1195506). - scsi: kABI fix for 'eh_should_retry_cmd' (bsc#1195506). - scsi: lpfc: Add support for eh_should_retry_cmd() (bsc#1195506). - scsi: lpfc: Fix pt2pt NVMe PRLI reject LOGO loop (bsc#1189126). - scsi: qla2xxx: Add devids and conditionals for 28xx (bsc#1195823). - scsi: qla2xxx: Add marginal path handling support (bsc#1195506). - scsi: qla2xxx: Add ql2xnvme_queues module param to configure number of NVMe queues (bsc#1195823). - scsi: qla2xxx: Add qla2x00_async_done() for async routines (bsc#1195823). - scsi: qla2xxx: Add retry for exec firmware (bsc#1195823). - scsi: qla2xxx: Check for firmware dump already collected (bsc#1195823). - scsi: qla2xxx: Fix T10 PI tag escape and IP guard options for 28XX adapters (bsc#1195823). - scsi: qla2xxx: Fix device reconnect in loop topology (bsc#1195823). - scsi: qla2xxx: Fix premature hw access after PCI error (bsc#1195823). - scsi: qla2xxx: Fix scheduling while atomic (bsc#1195823). - scsi: qla2xxx: Fix stuck session in gpdb (bsc#1195823). - scsi: qla2xxx: Fix unmap of already freed sgl (bsc#1195823). - scsi: qla2xxx: Fix warning for missing error code (bsc#1195823). - scsi: qla2xxx: Fix warning message due to adisc being flushed (bsc#1195823). - scsi: qla2xxx: Fix wrong FDMI data for 64G adapter (bsc#1195823). - scsi: qla2xxx: Implement ref count for SRB (bsc#1195823). - scsi: qla2xxx: Refactor asynchronous command initialization (bsc#1195823). - scsi: qla2xxx: Remove a declaration (bsc#1195823). - scsi: qla2xxx: Remove unused qla_sess_op_cmd_list from scsi_qla_host_t (bsc#1195823). - scsi: qla2xxx: Return -ENOMEM if kzalloc() fails (bsc#1195823). - scsi: qla2xxx: Suppress a kernel complaint in qla_create_qpair() (bsc#1195823). - scsi: qla2xxx: Update version to 10.02.07.200-k (bsc#1195823). - scsi: qla2xxx: Update version to 10.02.07.300-k (bsc#1195823). - scsi: qla2xxx: edif: Fix clang warning (bsc#1195823). - scsi: qla2xxx: edif: Fix inconsistent check of db_flags (bsc#1195823). - scsi: qla2xxx: edif: Reduce connection thrash (bsc#1195823). - scsi: qla2xxx: edif: Replace list_for_each_safe with list_for_each_entry_safe (bsc#1195823). - scsi: qla2xxx: edif: Tweak trace message (bsc#1195823). - scsi: scsi_transport_fc: Add a new rport state FC_PORTSTATE_MARGINAL (bsc#1195506). - scsi: scsi_transport_fc: Add store capability to rport port_state in sysfs (bsc#1195506). - scsi: target: iscsi: Fix cmd abort fabric stop race (bsc#1195286). - scsi: zfcp: Fix failed recovery on gone remote port with non-NPIV FCP devices (bsc#1195378 LTC#196244). - scsi_transport_fc: kabi fix blank out FC_PORTSTATE_MARGINAL (bsc#1195506). - staging/fbtft: Fix backlight (git-fixes). - staging: fbtft: Fix error path in fbtft_driver_module_init() (git-fixes). - tracing: Do not inc err_log entry count if entry allocation fails (git-fixes). - tracing: Dump stacktrace trigger to the corresponding instance (git-fixes). - tracing: Fix smatch warning for null glob in event_hist_trigger_parse() (git-fixes). - tracing: Have traceon and traceoff trigger honor the instance (git-fixes). - tracing: Propagate is_signed to expression (git-fixes). - usb: dwc2: Fix NULL qh in dwc2_queue_transaction (git-fixes). - usb: dwc2: gadget: do not try to disable ep0 in dwc2_hsotg_suspend (git-fixes). - usb: dwc3: do not set gadget->is_otg flag (git-fixes). - usb: dwc3: gadget: Prevent core from processing stale TRBs (git-fixes). - usb: f_fs: Fix use-after-free for epfile (git-fixes). - usb: gadget: f_uac2: Define specific wTerminalType (git-fixes). - usb: gadget: rndis: check size of RNDIS_MSG_SET command (git-fixes). - usb: gadget: s3c: remove unused 'udc' variable (git-fixes). - usb: gadget: udc: renesas_usb3: Fix host to USB_ROLE_NONE transition (git-fixes). - usb: host: ehci-tegra: Fix error handling in tegra_ehci_probe() (git-fixes). - usb: ulpi: Call of_node_put correctly (git-fixes). - usb: ulpi: Move of_node_put to ulpi_dev_release (git-fixes). cluster-md-kmp-preempt-5.3.18-150300.59.54.1.x86_64.rpm True dlm-kmp-preempt-5.3.18-150300.59.54.1.x86_64.rpm True gfs2-kmp-preempt-5.3.18-150300.59.54.1.x86_64.rpm True kernel-preempt-5.3.18-150300.59.54.1.nosrc.rpm True kernel-preempt-5.3.18-150300.59.54.1.x86_64.rpm True kernel-preempt-devel-5.3.18-150300.59.54.1.x86_64.rpm True kernel-preempt-extra-5.3.18-150300.59.54.1.x86_64.rpm True kernel-preempt-livepatch-devel-5.3.18-150300.59.54.1.x86_64.rpm True kernel-preempt-optional-5.3.18-150300.59.54.1.x86_64.rpm True kselftests-kmp-preempt-5.3.18-150300.59.54.1.x86_64.rpm True ocfs2-kmp-preempt-5.3.18-150300.59.54.1.x86_64.rpm True reiserfs-kmp-preempt-5.3.18-150300.59.54.1.x86_64.rpm True cluster-md-kmp-preempt-5.3.18-150300.59.54.1.aarch64.rpm True dlm-kmp-preempt-5.3.18-150300.59.54.1.aarch64.rpm True dtb-aarch64-5.3.18-150300.59.54.1.src.rpm True dtb-al-5.3.18-150300.59.54.1.aarch64.rpm True dtb-zte-5.3.18-150300.59.54.1.aarch64.rpm True gfs2-kmp-preempt-5.3.18-150300.59.54.1.aarch64.rpm True kernel-preempt-5.3.18-150300.59.54.1.aarch64.rpm True kernel-preempt-devel-5.3.18-150300.59.54.1.aarch64.rpm True kernel-preempt-extra-5.3.18-150300.59.54.1.aarch64.rpm True kernel-preempt-livepatch-devel-5.3.18-150300.59.54.1.aarch64.rpm True kernel-preempt-optional-5.3.18-150300.59.54.1.aarch64.rpm True kselftests-kmp-preempt-5.3.18-150300.59.54.1.aarch64.rpm True ocfs2-kmp-preempt-5.3.18-150300.59.54.1.aarch64.rpm True reiserfs-kmp-preempt-5.3.18-150300.59.54.1.aarch64.rpm True openSUSE-SLE-15.4-2022-1047 moderate SUSE Updates openSUSE-SLE 15.4 This update for pam fixes the following issues: - Define _pam_vendordir as the variable is needed by systemd and others. (bsc#1196093) - Between allocating the variable "ai" and free'ing them, there are two "return NO" were we don't free this variable. This patch inserts freaddrinfo() calls before the "return NO;"s. (bsc#1197024) pam-1.3.0-150000.6.55.3.src.rpm pam-1.3.0-150000.6.55.3.x86_64.rpm pam-32bit-1.3.0-150000.6.55.3.x86_64.rpm pam-devel-1.3.0-150000.6.55.3.x86_64.rpm pam-devel-32bit-1.3.0-150000.6.55.3.x86_64.rpm pam-doc-1.3.0-150000.6.55.3.noarch.rpm pam-extra-1.3.0-150000.6.55.3.x86_64.rpm pam-extra-32bit-1.3.0-150000.6.55.3.x86_64.rpm pam-1.3.0-150000.6.55.3.s390x.rpm pam-devel-1.3.0-150000.6.55.3.s390x.rpm pam-extra-1.3.0-150000.6.55.3.s390x.rpm pam-1.3.0-150000.6.55.3.ppc64le.rpm pam-devel-1.3.0-150000.6.55.3.ppc64le.rpm pam-extra-1.3.0-150000.6.55.3.ppc64le.rpm pam-1.3.0-150000.6.55.3.aarch64.rpm pam-devel-1.3.0-150000.6.55.3.aarch64.rpm pam-extra-1.3.0-150000.6.55.3.aarch64.rpm openSUSE-SLE-15.4-2022-886 moderate SUSE Updates openSUSE-SLE 15.4 This update for libreoffice fixes the following issues: Update to version 7.2.5.1 (jsc#SLE-18214): - CVE-2021-25636: Fixed an incorrect vadidation of digitally signed documents (bsc#1196456). libreoffice-7.2.5.1-150300.14.22.18.3.src.rpm libreoffice-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-base-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-base-drivers-postgresql-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-branding-upstream-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-calc-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-calc-extensions-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-draw-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-filters-optional-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-gdb-pretty-printers-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-glade-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-gnome-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-gtk3-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-icon-themes-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-impress-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-l10n-af-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-am-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ar-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-as-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ast-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-be-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-bg-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-bn-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-bn_IN-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-bo-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-br-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-brx-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-bs-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ca-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ca_valencia-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ckb-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-cs-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-cy-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-da-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-de-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-dgo-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-dsb-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-dz-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-el-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-en-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-en_GB-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-en_ZA-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-eo-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-es-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-et-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-eu-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-fa-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-fi-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-fr-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-fur-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-fy-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ga-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-gd-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-gl-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-gu-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-gug-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-he-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-hi-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-hr-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-hsb-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-hu-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-id-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-is-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-it-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ja-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ka-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-kab-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-kk-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-km-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-kmr_Latn-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-kn-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ko-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-kok-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ks-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-lb-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-lo-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-lt-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-lv-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-mai-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-mk-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ml-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-mn-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-mni-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-mr-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-my-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-nb-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ne-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-nl-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-nn-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-nr-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-nso-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-oc-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-om-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-or-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-pa-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-pl-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-pt_BR-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-pt_PT-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ro-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ru-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-rw-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-sa_IN-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-sat-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-sd-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-si-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-sid-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-sk-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-sl-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-sq-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-sr-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ss-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-st-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-sv-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-sw_TZ-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-szl-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ta-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-te-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-tg-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-th-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-tn-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-tr-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ts-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-tt-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ug-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-uk-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-uz-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-ve-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-vec-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-vi-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-xh-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-zh_CN-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-zh_TW-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-l10n-zu-7.2.5.1-150300.14.22.18.3.noarch.rpm libreoffice-librelogo-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-mailmerge-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-math-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-officebean-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-pyuno-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-qt5-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-sdk-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-sdk-doc-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-writer-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-writer-extensions-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreofficekit-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreofficekit-devel-7.2.5.1-150300.14.22.18.3.x86_64.rpm libreoffice-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-base-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-base-drivers-postgresql-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-calc-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-calc-extensions-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-draw-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-filters-optional-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-gnome-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-gtk3-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-impress-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-librelogo-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-mailmerge-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-math-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-officebean-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-pyuno-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-qt5-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-sdk-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-sdk-doc-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-writer-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-writer-extensions-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreofficekit-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreofficekit-devel-7.2.5.1-150300.14.22.18.3.ppc64le.rpm libreoffice-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-base-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-base-drivers-postgresql-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-calc-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-calc-extensions-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-draw-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-filters-optional-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-gnome-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-gtk3-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-impress-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-librelogo-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-mailmerge-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-math-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-officebean-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-pyuno-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-qt5-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-sdk-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-sdk-doc-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-writer-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreoffice-writer-extensions-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreofficekit-7.2.5.1-150300.14.22.18.3.aarch64.rpm libreofficekit-devel-7.2.5.1-150300.14.22.18.3.aarch64.rpm openSUSE-SLE-15.4-2022-769 important SUSE Updates openSUSE-SLE 15.4 This update for libcaca fixes the following issues: - CVE-2021-30498, CVE-2021-30499: If an image has a size of 0x0, when exporting, no data is written and space is allocated for the header only, not taking into account that sprintf appends a NUL byte (bsc#1184751, bsc#1184752). caca-utils-0.99.beta19.git20171003-11.3.1.x86_64.rpm libcaca-0.99.beta19.git20171003-11.3.1.src.rpm libcaca-devel-0.99.beta19.git20171003-11.3.1.x86_64.rpm libcaca-ruby-0.99.beta19.git20171003-11.3.1.x86_64.rpm libcaca0-0.99.beta19.git20171003-11.3.1.x86_64.rpm libcaca0-32bit-0.99.beta19.git20171003-11.3.1.x86_64.rpm libcaca0-plugins-0.99.beta19.git20171003-11.3.1.x86_64.rpm libcaca0-plugins-32bit-0.99.beta19.git20171003-11.3.1.x86_64.rpm python3-caca-0.99.beta19.git20171003-11.3.1.noarch.rpm caca-utils-0.99.beta19.git20171003-11.3.1.s390x.rpm libcaca-devel-0.99.beta19.git20171003-11.3.1.s390x.rpm libcaca-ruby-0.99.beta19.git20171003-11.3.1.s390x.rpm libcaca0-0.99.beta19.git20171003-11.3.1.s390x.rpm libcaca0-plugins-0.99.beta19.git20171003-11.3.1.s390x.rpm caca-utils-0.99.beta19.git20171003-11.3.1.ppc64le.rpm libcaca-devel-0.99.beta19.git20171003-11.3.1.ppc64le.rpm libcaca-ruby-0.99.beta19.git20171003-11.3.1.ppc64le.rpm libcaca0-0.99.beta19.git20171003-11.3.1.ppc64le.rpm libcaca0-plugins-0.99.beta19.git20171003-11.3.1.ppc64le.rpm caca-utils-0.99.beta19.git20171003-11.3.1.aarch64.rpm libcaca-devel-0.99.beta19.git20171003-11.3.1.aarch64.rpm libcaca-ruby-0.99.beta19.git20171003-11.3.1.aarch64.rpm libcaca0-0.99.beta19.git20171003-11.3.1.aarch64.rpm libcaca0-plugins-0.99.beta19.git20171003-11.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-861 important SUSE Updates openSUSE-SLE 15.4 This update for openssl-1_1 fixes the following issues: openssl-1_1: - CVE-2022-0778: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877). - Fix PAC pointer authentication in ARM (bsc#1195856) - Pull libopenssl-1_1 when updating openssl-1_1 with the same version (bsc#1195792) - FIPS: Fix function and reason error codes (bsc#1182959) - Enable zlib compression support (bsc#1195149) glibc: - Resolve installation issue of `glibc-devel` in SUSE Linux Enterprise Micro 5.1 linux-glibc-devel: - Resolve installation issue of `linux-kernel-headers` in SUSE Linux Enterprise Micro 5.1 libxcrypt: - Resolve installation issue of `libxcrypt-devel` in SUSE Linux Enterprise Micro 5.1 zlib: - Resolve installation issue of `zlib-devel` in SUSE Linux Enterprise Micro 5.1 glibc-2.31-150300.20.7.src.rpm glibc-2.31-150300.20.7.x86_64.rpm glibc-32bit-2.31-150300.20.7.x86_64.rpm glibc-devel-2.31-150300.20.7.x86_64.rpm glibc-devel-32bit-2.31-150300.20.7.x86_64.rpm glibc-devel-static-2.31-150300.20.7.x86_64.rpm glibc-devel-static-32bit-2.31-150300.20.7.x86_64.rpm glibc-extra-2.31-150300.20.7.x86_64.rpm glibc-html-2.31-150300.20.7.noarch.rpm glibc-i18ndata-2.31-150300.20.7.noarch.rpm glibc-info-2.31-150300.20.7.noarch.rpm glibc-lang-2.31-150300.20.7.noarch.rpm glibc-locale-2.31-150300.20.7.x86_64.rpm glibc-locale-base-2.31-150300.20.7.x86_64.rpm glibc-locale-base-32bit-2.31-150300.20.7.x86_64.rpm glibc-profile-2.31-150300.20.7.x86_64.rpm glibc-profile-32bit-2.31-150300.20.7.x86_64.rpm glibc-utils-2.31-150300.20.1.x86_64.rpm glibc-utils-32bit-2.31-150300.20.1.x86_64.rpm glibc-utils-src-2.31-150300.20.1.src.rpm libcrypt1-32bit-4.4.15-150300.4.2.41.x86_64.rpm libcrypt1-4.4.15-150300.4.2.41.x86_64.rpm libminizip1-1.2.11-3.26.10.x86_64.rpm libminizip1-32bit-1.2.11-3.26.10.x86_64.rpm libxcrypt-4.4.15-150300.4.2.41.src.rpm libxcrypt-devel-32bit-4.4.15-150300.4.2.41.x86_64.rpm libxcrypt-devel-4.4.15-150300.4.2.41.x86_64.rpm libxcrypt-devel-static-4.4.15-150300.4.2.41.x86_64.rpm libz1-1.2.11-3.26.10.x86_64.rpm libz1-32bit-1.2.11-3.26.10.x86_64.rpm minizip-devel-1.2.11-3.26.10.x86_64.rpm nscd-2.31-150300.20.7.x86_64.rpm zlib-1.2.11-3.26.10.src.rpm zlib-devel-1.2.11-3.26.10.x86_64.rpm zlib-devel-32bit-1.2.11-3.26.10.x86_64.rpm zlib-devel-static-1.2.11-3.26.10.x86_64.rpm zlib-devel-static-32bit-1.2.11-3.26.10.x86_64.rpm glibc-2.31-150300.20.7.s390x.rpm glibc-devel-2.31-150300.20.7.s390x.rpm glibc-devel-static-2.31-150300.20.7.s390x.rpm glibc-extra-2.31-150300.20.7.s390x.rpm glibc-locale-2.31-150300.20.7.s390x.rpm glibc-locale-base-2.31-150300.20.7.s390x.rpm glibc-profile-2.31-150300.20.7.s390x.rpm glibc-utils-2.31-150300.20.1.s390x.rpm libcrypt1-4.4.15-150300.4.2.41.s390x.rpm libminizip1-1.2.11-3.26.10.s390x.rpm libxcrypt-devel-4.4.15-150300.4.2.41.s390x.rpm libxcrypt-devel-static-4.4.15-150300.4.2.41.s390x.rpm libz1-1.2.11-3.26.10.s390x.rpm minizip-devel-1.2.11-3.26.10.s390x.rpm nscd-2.31-150300.20.7.s390x.rpm zlib-devel-1.2.11-3.26.10.s390x.rpm zlib-devel-static-1.2.11-3.26.10.s390x.rpm glibc-2.31-150300.20.7.ppc64le.rpm glibc-devel-2.31-150300.20.7.ppc64le.rpm glibc-devel-static-2.31-150300.20.7.ppc64le.rpm glibc-extra-2.31-150300.20.7.ppc64le.rpm glibc-locale-2.31-150300.20.7.ppc64le.rpm glibc-locale-base-2.31-150300.20.7.ppc64le.rpm glibc-profile-2.31-150300.20.7.ppc64le.rpm glibc-utils-2.31-150300.20.1.ppc64le.rpm libcrypt1-4.4.15-150300.4.2.41.ppc64le.rpm libminizip1-1.2.11-3.26.10.ppc64le.rpm libxcrypt-devel-4.4.15-150300.4.2.41.ppc64le.rpm libxcrypt-devel-static-4.4.15-150300.4.2.41.ppc64le.rpm libz1-1.2.11-3.26.10.ppc64le.rpm minizip-devel-1.2.11-3.26.10.ppc64le.rpm nscd-2.31-150300.20.7.ppc64le.rpm zlib-devel-1.2.11-3.26.10.ppc64le.rpm zlib-devel-static-1.2.11-3.26.10.ppc64le.rpm glibc-2.31-150300.20.7.aarch64.rpm glibc-devel-2.31-150300.20.7.aarch64.rpm glibc-devel-static-2.31-150300.20.7.aarch64.rpm glibc-extra-2.31-150300.20.7.aarch64.rpm glibc-locale-2.31-150300.20.7.aarch64.rpm glibc-locale-base-2.31-150300.20.7.aarch64.rpm glibc-profile-2.31-150300.20.7.aarch64.rpm glibc-utils-2.31-150300.20.1.aarch64.rpm libcrypt1-4.4.15-150300.4.2.41.aarch64.rpm libminizip1-1.2.11-3.26.10.aarch64.rpm libxcrypt-devel-4.4.15-150300.4.2.41.aarch64.rpm libxcrypt-devel-static-4.4.15-150300.4.2.41.aarch64.rpm libz1-1.2.11-3.26.10.aarch64.rpm minizip-devel-1.2.11-3.26.10.aarch64.rpm nscd-2.31-150300.20.7.aarch64.rpm zlib-devel-1.2.11-3.26.10.aarch64.rpm zlib-devel-static-1.2.11-3.26.10.aarch64.rpm openSUSE-SLE-15.4-2022-952 moderate SUSE Updates openSUSE-SLE 15.4 This update for rpmlint fixes the following issues: - Add tukitd dbus whitelist (bsc#1196149) - Add kpmcore whitelisting (bsc#1178848). - Add whitelisting for NetworkManager nm-priv helper for SLE-15-SP4 (bsc#1194799). rpmlint-1.10-7.45.1.noarch.rpm rpmlint-1.10-7.45.1.src.rpm openSUSE-SLE-15.4-2022-796 moderate SUSE Updates openSUSE-SLE 15.4 This update for golang-github-prometheus-prometheus fixes the following issues: - Fix Firewalld configuration file location (bsc#1196300) - Require Go 1.16+ - Do not build on s390 architecture. golang-github-prometheus-prometheus-2.32.1-4.6.1.src.rpm golang-github-prometheus-prometheus-2.32.1-4.6.1.x86_64.rpm golang-github-prometheus-prometheus-2.32.1-4.6.1.s390x.rpm golang-github-prometheus-prometheus-2.32.1-4.6.1.ppc64le.rpm golang-github-prometheus-prometheus-2.32.1-4.6.1.aarch64.rpm openSUSE-SLE-15.4-2022-843 moderate SUSE Updates openSUSE-SLE 15.4 This update for rust, rust1.58, rust1.59 fixes the following issues: This update provides both rust1.58 and rust1.59. Changes in rust1.58: - Add recommends for GCC for installs to be able to link. - Add suggests for lld/clang which are faster than gcc for linking to allow users choice on what they use. - CVE-2022-21658: Resolve race condition in std::fs::remove_dir_all (bsc#1194767) Version 1.58.0 (2022-01-13) ========================== Language -------- - [Format strings can now capture arguments simply by writing `{ident}` in the string.][90473] This works in all macros accepting format strings. Support for this in `panic!` (`panic!("{ident}")`) requires the 2021 edition; panic invocations in previous editions that appear to be trying to use this will result in a warning lint about not having the intended effect. - [`*const T` pointers can now be dereferenced in const contexts.][89551] - [The rules for when a generic struct implements `Unsize` have been relaxed.][90417] Compiler -------- - [Add LLVM CFI support to the Rust compiler][89652] - [Stabilize -Z strip as -C strip][90058]. Note that while release builds already don't add debug symbols for the code you compile, the compiled standard library that ships with Rust includes debug symbols, so you may want to use the `strip` option to remove these symbols to produce smaller release binaries. Note that this release only includes support in rustc, not directly in cargo. - [Add support for LLVM coverage mapping format versions 5 and 6][91207] - [Emit LLVM optimization remarks when enabled with `-Cremark`][90833] - [Update the minimum external LLVM to 12][90175] - [Add `x86_64-unknown-none` at Tier 3*][89062] - [Build musl dist artifacts with debuginfo enabled][90733]. When building release binaries using musl, you may want to use the newly stabilized strip option to remove these debug symbols, reducing the size of your binaries. - [Don't abort compilation after giving a lint error][87337] - [Error messages point at the source of trait bound obligations in more places][89580] \* Refer to Rust's [platform support page][platform-support-doc] for more information on Rust's tiered platform support. Libraries --------- - [All remaining functions in the standard library have `#[must_use]` annotations where appropriate][89692], producing a warning when ignoring their return value. This helps catch mistakes such as expecting a function to mutate a value in place rather than return a new value. - [Paths are automatically canonicalized on Windows for operations that support it][89174] - [Re-enable debug checks for `copy` and `copy_nonoverlapping`][90041] - [Implement `RefUnwindSafe` for `Rc<T>`][87467] - [Make RSplit<T, P>: Clone not require T: Clone][90117] - [Implement `Termination` for `Result<Infallible, E>`][88601]. This allows writing `fn main() -> Result<Infallible, ErrorType>`, for a program whose successful exits never involve returning from `main` (for instance, a program that calls `exit`, or that uses `exec` to run another program). Stabilized APIs --------------- - [`Metadata::is_symlink`] - [`Path::is_symlink`] - [`{integer}::saturating_div`] - [`Option::unwrap_unchecked`] - [`Result::unwrap_unchecked`] - [`Result::unwrap_err_unchecked`] - [`NonZero{unsigned}::is_power_of_two`] - [`File::options`] These APIs are now usable in const contexts: - [`Duration::new`] - [`Duration::checked_add`] - [`Duration::saturating_add`] - [`Duration::checked_sub`] - [`Duration::saturating_sub`] - [`Duration::checked_mul`] - [`Duration::saturating_mul`] - [`Duration::checked_div`] - [`MaybeUninit::as_ptr`] - [`MaybeUninit::as_mut_ptr`] - [`MaybeUninit::assume_init`] - [`MaybeUninit::assume_init_ref`] Cargo ----- - [Add --message-format for install command][cargo/10107] - [Warn when alias shadows external subcommand][cargo/10082] Rustdoc ------- - [Show all Deref implementations recursively in rustdoc][90183] - [Use computed visibility in rustdoc][88447] Compatibility Notes ------------------- - [Try all stable method candidates first before trying unstable ones][90329]. This change ensures that adding new nightly-only methods to the Rust standard library will not break code invoking methods of the same name from traits outside the standard library. - Windows: [`std::process::Command` will no longer search the current directory for executables.][87704] - [All proc-macro backward-compatibility lints are now deny-by-default.][88041] - [proc_macro: Append .0 to unsuffixed float if it would otherwise become int token][90297] - [Refactor weak symbols in std::sys::unix][90846]. This optimizes accesses to glibc functions, by avoiding the use of dlopen. This does not increase the [minimum expected version of glibc](https://doc.rust-lang.org/nightly/rustc/platform-support.html). However, software distributions that use symbol versions to detect library dependencies, and which take weak symbols into account in that analysis, may detect rust binaries as requiring newer versions of glibc. - [rustdoc now rejects some unexpected semicolons in doctests][91026] Version 1.59.0 (2022-02-24) ========================== Language -------- - [Stabilize default arguments for const generics][90207] - [Stabilize destructuring assignment][90521] - [Relax private in public lint on generic bounds and where clauses of trait impls][90586] - [Stabilize asm! and global_asm! for x86, x86_64, ARM, Aarch64, and RISC-V][91728] Compiler -------- - [Stabilize new symbol mangling format, leaving it opt-in (-Csymbol-mangling-version=v0)][90128] - [Emit LLVM optimization remarks when enabled with `-Cremark`][90833] - [Fix sparc64 ABI for aggregates with floating point members][91003] - [Warn when a `#[test]`-like built-in attribute macro is present multiple times.][91172] - [Add support for riscv64gc-unknown-freebsd][91284] - [Stabilize `-Z emit-future-incompat` as `--json future-incompat`][91535] Libraries --------- - [Remove unnecessary bounds for some Hash{Map,Set} methods][91593] Stabilized APIs --------------- - [`std::thread::available_parallelism`][available_parallelism] - [`Result::copied`][result-copied] - [`Result::cloned`][result-cloned] - [`arch::asm!`][asm] - [`arch::global_asm!`][global_asm] - [`ops::ControlFlow::is_break`][is_break] - [`ops::ControlFlow::is_continue`][is_continue] - [`TryFrom<char> for u8`][try_from_char_u8] - [`char::TryFromCharError`][try_from_char_err] implementing `Clone`, `Debug`, `Display`, `PartialEq`, `Copy`, `Eq`, `Error` - [`iter::zip`][zip] - [`NonZeroU8::is_power_of_two`][is_power_of_two8] - [`NonZeroU16::is_power_of_two`][is_power_of_two16] - [`NonZeroU32::is_power_of_two`][is_power_of_two32] - [`NonZeroU64::is_power_of_two`][is_power_of_two64] - [`NonZeroU128::is_power_of_two`][is_power_of_two128] - [`DoubleEndedIterator for ToLowercase`][lowercase] - [`DoubleEndedIterator for ToUppercase`][uppercase] - [`TryFrom<&mut [T]> for [T; N]`][tryfrom_ref_arr] - [`UnwindSafe for Once`][unwindsafe_once] - [`RefUnwindSafe for Once`][refunwindsafe_once] - [armv8 neon intrinsics for aarch64][stdarch/1266] Const-stable: - [`mem::MaybeUninit::as_ptr`][muninit_ptr] - [`mem::MaybeUninit::assume_init`][muninit_init] - [`mem::MaybeUninit::assume_init_ref`][muninit_init_ref] - [`ffi::CStr::from_bytes_with_nul_unchecked`][cstr_from_bytes] Cargo ----- - [Stabilize the `strip` profile option][cargo/10088] - [Stabilize future-incompat-report][cargo/10165] - [Support abbreviating `--release` as `-r`][cargo/10133] - [Support `term.quiet` configuration][cargo/10152] - [Remove `--host` from cargo {publish,search,login}][cargo/10145] Compatibility Notes ------------------- - [Refactor weak symbols in std::sys::unix][90846] This may add new, versioned, symbols when building with a newer glibc, as the standard library uses weak linkage rather than dynamically attempting to load certain symbols at runtime. - [Deprecate crate_type and crate_name nested inside `#![cfg_attr]`][83744] This adds a future compatibility lint to supporting the use of cfg_attr wrapping either crate_type or crate_name specification within Rust files; it is recommended that users migrate to setting the equivalent command line flags. - [Remove effect of `#[no_link]` attribute on name resolution][92034] This may expose new names, leading to conflicts with preexisting names in a given namespace and a compilation failure. - [Cargo will document libraries before binaries.][cargo/10172] - [Respect doc=false in dependencies, not just the root crate][cargo/10201] - [Weaken guarantee around advancing underlying iterators in zip][83791] - [Make split_inclusive() on an empty slice yield an empty output][89825] - [Update std::env::temp_dir to use GetTempPath2 on Windows when available.][89999] Changes in rust wrapper package: - Update to version 1.59.0 - for details see the rust1.59 package - Update package description to help users choose what tooling to install. - Provide rust+cargo by cargo: all cargo<n> package provide this symbol too. Having the meta package provide it allows OBS to have a generic prefernece on the meta package for all packages 'just' requiring rust+cargo. - Update to version 1.58.0 cargo-1.59.0-150300.21.20.1.x86_64.rpm rust-1.59.0-150300.21.20.1.src.rpm rust-1.59.0-150300.21.20.1.x86_64.rpm cargo-1.59.0-150300.21.20.1.s390x.rpm rust-1.59.0-150300.21.20.1.s390x.rpm cargo-1.59.0-150300.21.20.1.ppc64le.rpm rust-1.59.0-150300.21.20.1.ppc64le.rpm cargo-1.59.0-150300.21.20.1.aarch64.rpm rust-1.59.0-150300.21.20.1.aarch64.rpm openSUSE-SLE-15.4-2022-950 moderate SUSE Updates openSUSE-SLE 15.4 This feature update for lifecycle-data-sle-module-development-tools fixes the following issues: - Added expiration data for GCC 10 yearly update for the Toolchain/Development modules (jsc#ECO-2373, jsc#SLE-16821, jsc#SLE-16822) lifecycle-data-sle-module-development-tools-1-3.13.1.noarch.rpm lifecycle-data-sle-module-development-tools-1-3.13.1.src.rpm openSUSE-SLE-15.4-2022-783 important SUSE Updates openSUSE-SLE 15.4 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.6.1 ESR (bsc#1196809): - CVE-2022-26485: Use-after-free in XSLT parameter processing - CVE-2022-26486: Use-after-free in WebGPU IPC Framework MozillaFirefox-91.6.1-152.19.1.src.rpm MozillaFirefox-91.6.1-152.19.1.x86_64.rpm MozillaFirefox-branding-upstream-91.6.1-152.19.1.x86_64.rpm MozillaFirefox-devel-91.6.1-152.19.1.x86_64.rpm MozillaFirefox-translations-common-91.6.1-152.19.1.x86_64.rpm MozillaFirefox-translations-other-91.6.1-152.19.1.x86_64.rpm MozillaFirefox-91.6.1-152.19.1.s390x.rpm MozillaFirefox-branding-upstream-91.6.1-152.19.1.s390x.rpm MozillaFirefox-devel-91.6.1-152.19.1.s390x.rpm MozillaFirefox-translations-common-91.6.1-152.19.1.s390x.rpm MozillaFirefox-translations-other-91.6.1-152.19.1.s390x.rpm MozillaFirefox-91.6.1-152.19.1.ppc64le.rpm MozillaFirefox-branding-upstream-91.6.1-152.19.1.ppc64le.rpm MozillaFirefox-devel-91.6.1-152.19.1.ppc64le.rpm MozillaFirefox-translations-common-91.6.1-152.19.1.ppc64le.rpm MozillaFirefox-translations-other-91.6.1-152.19.1.ppc64le.rpm MozillaFirefox-91.6.1-152.19.1.aarch64.rpm MozillaFirefox-branding-upstream-91.6.1-152.19.1.aarch64.rpm MozillaFirefox-devel-91.6.1-152.19.1.aarch64.rpm MozillaFirefox-translations-common-91.6.1-152.19.1.aarch64.rpm MozillaFirefox-translations-other-91.6.1-152.19.1.aarch64.rpm openSUSE-SLE-15.4-2022-1021 moderate SUSE Updates openSUSE-SLE 15.4 This update for systemd fixes the following issues: - allow setting external core size to infinity (bsc#1195899 jsc#SLE-23868 jsc#SLE-23870) systemd-234-24.108.1.src.rpm systemd-bash-completion-234-24.108.1.noarch.rpm openSUSE-SLE-15.4-2022-936 moderate SUSE Updates openSUSE-SLE 15.4 This update for filesystem and systemd-rpm-macros fixes the following issues: filesystem: - Add path /lib/modprobe.d (bsc#1196275, jsc#SLE-20639) systemd-rpm-macros: - Make %_modprobedir point to /lib/modprobe.d (bsc#1196275, bsc#1196406) filesystem-15.0-11.8.1.src.rpm filesystem-15.0-11.8.1.x86_64.rpm systemd-rpm-macros-11-7.27.1.noarch.rpm systemd-rpm-macros-11-7.27.1.src.rpm filesystem-15.0-11.8.1.s390x.rpm filesystem-15.0-11.8.1.ppc64le.rpm filesystem-15.0-11.8.1.aarch64.rpm openSUSE-SLE-15.4-2022-870 important SUSE Updates openSUSE-SLE 15.4 This update for java-1_8_0-openj9 fixes the following issues: Update to OpenJDK 8u322 build 04 with OpenJ9 0.30.0: - Fixing the following vulnerabilities: CVE-2022-21248 (bsc#1194926), CVE-2022-21277 (bsc#1194930), CVE-2022-21282 (bsc#1194933), CVE-2022-21291 (bsc#1194925), CVE-2022-21293 (bsc#1194935), CVE-2022-21294 (bsc#1194934), CVE-2022-21296 (bsc#1194932), CVE-2022-21299 (bsc#1194931), CVE-2022-21305 (bsc#1194939), CVE-2022-21340 (bsc#1194940), CVE-2022-21341 (bsc#1194941), CVE-2022-21360 (bsc#1194929), CVE-2022-21365 (bsc#1194928), CVE-2022-21366 (bsc#1194927). java-1_8_0-openj9-1.8.0.322-3.21.2.src.rpm java-1_8_0-openj9-1.8.0.322-3.21.2.x86_64.rpm java-1_8_0-openj9-accessibility-1.8.0.322-3.21.2.x86_64.rpm java-1_8_0-openj9-demo-1.8.0.322-3.21.2.x86_64.rpm java-1_8_0-openj9-devel-1.8.0.322-3.21.2.x86_64.rpm java-1_8_0-openj9-headless-1.8.0.322-3.21.2.x86_64.rpm java-1_8_0-openj9-javadoc-1.8.0.322-3.21.2.noarch.rpm java-1_8_0-openj9-src-1.8.0.322-3.21.2.x86_64.rpm java-1_8_0-openj9-1.8.0.322-3.21.2.s390x.rpm java-1_8_0-openj9-accessibility-1.8.0.322-3.21.2.s390x.rpm java-1_8_0-openj9-demo-1.8.0.322-3.21.2.s390x.rpm java-1_8_0-openj9-devel-1.8.0.322-3.21.2.s390x.rpm java-1_8_0-openj9-headless-1.8.0.322-3.21.2.s390x.rpm java-1_8_0-openj9-src-1.8.0.322-3.21.2.s390x.rpm java-1_8_0-openj9-1.8.0.322-3.21.2.ppc64le.rpm java-1_8_0-openj9-accessibility-1.8.0.322-3.21.2.ppc64le.rpm java-1_8_0-openj9-demo-1.8.0.322-3.21.2.ppc64le.rpm java-1_8_0-openj9-devel-1.8.0.322-3.21.2.ppc64le.rpm java-1_8_0-openj9-headless-1.8.0.322-3.21.2.ppc64le.rpm java-1_8_0-openj9-src-1.8.0.322-3.21.2.ppc64le.rpm java-1_8_0-openj9-1.8.0.322-3.21.2.aarch64.rpm java-1_8_0-openj9-accessibility-1.8.0.322-3.21.2.aarch64.rpm java-1_8_0-openj9-demo-1.8.0.322-3.21.2.aarch64.rpm java-1_8_0-openj9-devel-1.8.0.322-3.21.2.aarch64.rpm java-1_8_0-openj9-headless-1.8.0.322-3.21.2.aarch64.rpm java-1_8_0-openj9-src-1.8.0.322-3.21.2.aarch64.rpm openSUSE-SLE-15.4-2022-873 important SUSE Updates openSUSE-SLE 15.4 This update for java-1_8_0-openjdk fixes the following issues: Update to version jdk8u322 (icedtea-3.22.0) Including the following security fixes: - CVE-2022-21248, bsc#1194926: Enhance cross VM serialization - CVE-2022-21283, bsc#1194937: Better String matching - CVE-2022-21293, bsc#1194935: Improve String constructions - CVE-2022-21294, bsc#1194934: Enhance construction of Identity maps - CVE-2022-21282, bsc#1194933: Better resolution of URIs - CVE-2022-21296, bsc#1194932: Improve SAX Parser configuration management - CVE-2022-21299, bsc#1194931: Improved scanning of XML entities - CVE-2022-21305, bsc#1194939: Better array indexing - CVE-2022-21340, bsc#1194940: Verify Jar Verification - CVE-2022-21341, bsc#1194941: Improve serial forms for transport - CVE-2022-21349: Improve Solaris font rendering - CVE-2022-21360, bsc#1194929: Enhance BMP image support - CVE-2022-21365, bsc#1194928: Enhanced BMP processing java-1_8_0-openjdk-1.8.0.322-3.64.2.src.rpm java-1_8_0-openjdk-1.8.0.322-3.64.2.x86_64.rpm java-1_8_0-openjdk-accessibility-1.8.0.322-3.64.2.x86_64.rpm java-1_8_0-openjdk-demo-1.8.0.322-3.64.2.x86_64.rpm java-1_8_0-openjdk-devel-1.8.0.322-3.64.2.x86_64.rpm java-1_8_0-openjdk-headless-1.8.0.322-3.64.2.x86_64.rpm java-1_8_0-openjdk-javadoc-1.8.0.322-3.64.2.noarch.rpm java-1_8_0-openjdk-src-1.8.0.322-3.64.2.x86_64.rpm java-1_8_0-openjdk-1.8.0.322-3.64.2.s390x.rpm java-1_8_0-openjdk-accessibility-1.8.0.322-3.64.2.s390x.rpm java-1_8_0-openjdk-demo-1.8.0.322-3.64.2.s390x.rpm java-1_8_0-openjdk-devel-1.8.0.322-3.64.2.s390x.rpm java-1_8_0-openjdk-headless-1.8.0.322-3.64.2.s390x.rpm java-1_8_0-openjdk-src-1.8.0.322-3.64.2.s390x.rpm java-1_8_0-openjdk-1.8.0.322-3.64.2.ppc64le.rpm java-1_8_0-openjdk-accessibility-1.8.0.322-3.64.2.ppc64le.rpm java-1_8_0-openjdk-demo-1.8.0.322-3.64.2.ppc64le.rpm java-1_8_0-openjdk-devel-1.8.0.322-3.64.2.ppc64le.rpm java-1_8_0-openjdk-headless-1.8.0.322-3.64.2.ppc64le.rpm java-1_8_0-openjdk-src-1.8.0.322-3.64.2.ppc64le.rpm java-1_8_0-openjdk-1.8.0.322-3.64.2.aarch64.rpm java-1_8_0-openjdk-accessibility-1.8.0.322-3.64.2.aarch64.rpm java-1_8_0-openjdk-demo-1.8.0.322-3.64.2.aarch64.rpm java-1_8_0-openjdk-devel-1.8.0.322-3.64.2.aarch64.rpm java-1_8_0-openjdk-headless-1.8.0.322-3.64.2.aarch64.rpm java-1_8_0-openjdk-src-1.8.0.322-3.64.2.aarch64.rpm openSUSE-SLE-15.4-2022-947 moderate SUSE Updates openSUSE-SLE 15.4 This update for dapl fixes the following issues: - Allow to override build date in order to allow for reproducible builds. (bsc#1047218) dapl-2.1.10-3.6.1.src.rpm dapl-2.1.10-3.6.1.x86_64.rpm dapl-debug-2.1.10-3.6.1.src.rpm dapl-debug-2.1.10-3.6.1.x86_64.rpm dapl-debug-devel-2.1.10-3.6.1.x86_64.rpm dapl-debug-libs-2.1.10-3.6.1.x86_64.rpm dapl-debug-utils-2.1.10-3.6.1.x86_64.rpm dapl-devel-2.1.10-3.6.1.x86_64.rpm dapl-devel-32bit-2.1.10-3.6.1.x86_64.rpm dapl-utils-2.1.10-3.6.1.x86_64.rpm libdat2-2-2.1.10-3.6.1.x86_64.rpm libdat2-2-32bit-2.1.10-3.6.1.x86_64.rpm dapl-2.1.10-3.6.1.s390x.rpm dapl-debug-2.1.10-3.6.1.s390x.rpm dapl-debug-devel-2.1.10-3.6.1.s390x.rpm dapl-debug-libs-2.1.10-3.6.1.s390x.rpm dapl-debug-utils-2.1.10-3.6.1.s390x.rpm dapl-devel-2.1.10-3.6.1.s390x.rpm dapl-utils-2.1.10-3.6.1.s390x.rpm libdat2-2-2.1.10-3.6.1.s390x.rpm dapl-2.1.10-3.6.1.ppc64le.rpm dapl-debug-2.1.10-3.6.1.ppc64le.rpm dapl-debug-devel-2.1.10-3.6.1.ppc64le.rpm dapl-debug-libs-2.1.10-3.6.1.ppc64le.rpm dapl-debug-utils-2.1.10-3.6.1.ppc64le.rpm dapl-devel-2.1.10-3.6.1.ppc64le.rpm dapl-utils-2.1.10-3.6.1.ppc64le.rpm libdat2-2-2.1.10-3.6.1.ppc64le.rpm dapl-2.1.10-3.6.1.aarch64.rpm dapl-debug-2.1.10-3.6.1.aarch64.rpm dapl-debug-devel-2.1.10-3.6.1.aarch64.rpm dapl-debug-libs-2.1.10-3.6.1.aarch64.rpm dapl-debug-utils-2.1.10-3.6.1.aarch64.rpm dapl-devel-2.1.10-3.6.1.aarch64.rpm dapl-utils-2.1.10-3.6.1.aarch64.rpm libdat2-2-2.1.10-3.6.1.aarch64.rpm openSUSE-SLE-15.4-2022-847 important SUSE Updates openSUSE-SLE 15.4 This update for php7 fixes the following issues: - CVE-2021-21708: Fixed a memory corruption issue when processing integers from an untrusted source (bsc#1196252). php7-7.4.6-3.35.1.src.rpm php7-firebird-7.4.6-3.35.1.x86_64.rpm php7-firebird-7.4.6-3.35.1.s390x.rpm php7-firebird-7.4.6-3.35.1.ppc64le.rpm php7-firebird-7.4.6-3.35.1.aarch64.rpm openSUSE-SLE-15.4-2022-942 moderate SUSE Updates openSUSE-SLE 15.4 This update for python3 fixes the following issues: - CVE-2021-3572: Fixed an improper handling of unicode characters in pip (bsc#1186819). libpython3_6m1_0-3.6.15-150300.10.21.1.x86_64.rpm libpython3_6m1_0-32bit-3.6.15-150300.10.21.1.x86_64.rpm python3-3.6.15-150300.10.21.1.src.rpm python3-3.6.15-150300.10.21.1.x86_64.rpm python3-base-3.6.15-150300.10.21.1.x86_64.rpm python3-core-3.6.15-150300.10.21.1.src.rpm python3-curses-3.6.15-150300.10.21.1.x86_64.rpm python3-dbm-3.6.15-150300.10.21.1.x86_64.rpm python3-devel-3.6.15-150300.10.21.1.x86_64.rpm python3-doc-3.6.15-150300.10.21.1.x86_64.rpm python3-doc-devhelp-3.6.15-150300.10.21.1.x86_64.rpm python3-documentation-3.6.15-150300.10.21.1.src.rpm python3-idle-3.6.15-150300.10.21.1.x86_64.rpm python3-testsuite-3.6.15-150300.10.21.1.x86_64.rpm python3-tk-3.6.15-150300.10.21.1.x86_64.rpm python3-tools-3.6.15-150300.10.21.1.x86_64.rpm libpython3_6m1_0-3.6.15-150300.10.21.1.s390x.rpm python3-3.6.15-150300.10.21.1.s390x.rpm python3-base-3.6.15-150300.10.21.1.s390x.rpm python3-curses-3.6.15-150300.10.21.1.s390x.rpm python3-dbm-3.6.15-150300.10.21.1.s390x.rpm python3-devel-3.6.15-150300.10.21.1.s390x.rpm python3-doc-3.6.15-150300.10.21.1.s390x.rpm python3-doc-devhelp-3.6.15-150300.10.21.1.s390x.rpm python3-idle-3.6.15-150300.10.21.1.s390x.rpm python3-testsuite-3.6.15-150300.10.21.1.s390x.rpm python3-tk-3.6.15-150300.10.21.1.s390x.rpm python3-tools-3.6.15-150300.10.21.1.s390x.rpm libpython3_6m1_0-3.6.15-150300.10.21.1.ppc64le.rpm python3-3.6.15-150300.10.21.1.ppc64le.rpm python3-base-3.6.15-150300.10.21.1.ppc64le.rpm python3-curses-3.6.15-150300.10.21.1.ppc64le.rpm python3-dbm-3.6.15-150300.10.21.1.ppc64le.rpm python3-devel-3.6.15-150300.10.21.1.ppc64le.rpm python3-doc-3.6.15-150300.10.21.1.ppc64le.rpm python3-doc-devhelp-3.6.15-150300.10.21.1.ppc64le.rpm python3-idle-3.6.15-150300.10.21.1.ppc64le.rpm python3-testsuite-3.6.15-150300.10.21.1.ppc64le.rpm python3-tk-3.6.15-150300.10.21.1.ppc64le.rpm python3-tools-3.6.15-150300.10.21.1.ppc64le.rpm libpython3_6m1_0-3.6.15-150300.10.21.1.aarch64.rpm python3-3.6.15-150300.10.21.1.aarch64.rpm python3-base-3.6.15-150300.10.21.1.aarch64.rpm python3-curses-3.6.15-150300.10.21.1.aarch64.rpm python3-dbm-3.6.15-150300.10.21.1.aarch64.rpm python3-devel-3.6.15-150300.10.21.1.aarch64.rpm python3-doc-3.6.15-150300.10.21.1.aarch64.rpm python3-doc-devhelp-3.6.15-150300.10.21.1.aarch64.rpm python3-idle-3.6.15-150300.10.21.1.aarch64.rpm python3-testsuite-3.6.15-150300.10.21.1.aarch64.rpm python3-tk-3.6.15-150300.10.21.1.aarch64.rpm python3-tools-3.6.15-150300.10.21.1.aarch64.rpm openSUSE-SLE-15.4-2022-1074 moderate SUSE Updates openSUSE-SLE 15.4 This update for cloud-init contains the following fixes: - Enable broader systemctl location. (bsc#1193531) - Remove unneeded BuildRequires on python3-nose. cloud-init-21.2-8.54.2.src.rpm cloud-init-21.2-8.54.2.x86_64.rpm cloud-init-config-suse-21.2-8.54.2.x86_64.rpm cloud-init-doc-21.2-8.54.2.x86_64.rpm cloud-init-21.2-8.54.2.s390x.rpm cloud-init-config-suse-21.2-8.54.2.s390x.rpm cloud-init-doc-21.2-8.54.2.s390x.rpm cloud-init-21.2-8.54.2.ppc64le.rpm cloud-init-config-suse-21.2-8.54.2.ppc64le.rpm cloud-init-doc-21.2-8.54.2.ppc64le.rpm cloud-init-21.2-8.54.2.aarch64.rpm cloud-init-config-suse-21.2-8.54.2.aarch64.rpm cloud-init-doc-21.2-8.54.2.aarch64.rpm openSUSE-SLE-15.4-2022-804 important SUSE Updates openSUSE-SLE 15.4 This update for MozillaThunderbird fixes the following issues: Mozilla Thunderbird 91.6.2 (bsc#1196809): - CVE-2022-26485: Use-after-free in XSLT parameter processing - CVE-2022-26486: Use-after-free in WebGPU IPC Framework MozillaThunderbird-91.6.2-8.59.1.src.rpm MozillaThunderbird-91.6.2-8.59.1.x86_64.rpm MozillaThunderbird-translations-common-91.6.2-8.59.1.x86_64.rpm MozillaThunderbird-translations-other-91.6.2-8.59.1.x86_64.rpm MozillaThunderbird-91.6.2-8.59.1.s390x.rpm MozillaThunderbird-translations-common-91.6.2-8.59.1.s390x.rpm MozillaThunderbird-translations-other-91.6.2-8.59.1.s390x.rpm MozillaThunderbird-91.6.2-8.59.1.ppc64le.rpm MozillaThunderbird-translations-common-91.6.2-8.59.1.ppc64le.rpm MozillaThunderbird-translations-other-91.6.2-8.59.1.ppc64le.rpm MozillaThunderbird-91.6.2-8.59.1.aarch64.rpm MozillaThunderbird-translations-common-91.6.2-8.59.1.aarch64.rpm MozillaThunderbird-translations-other-91.6.2-8.59.1.aarch64.rpm openSUSE-SLE-15.4-2022-821 important SUSE Updates openSUSE-SLE 15.4 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.7.0 ESR (bsc#1196900): - CVE-2022-26383: Browser window spoof using fullscreen mode - CVE-2022-26384: iframe allow-scripts sandbox bypass - CVE-2022-26387: Time-of-check time-of-use bug when verifying add-on signatures - CVE-2022-26381: Use-after-free in text reflows - CVE-2022-26386: Temporary files downloaded to /tmp and accessible by other local users MozillaFirefox-91.7.0-152.22.1.src.rpm MozillaFirefox-91.7.0-152.22.1.x86_64.rpm MozillaFirefox-branding-upstream-91.7.0-152.22.1.x86_64.rpm MozillaFirefox-devel-91.7.0-152.22.1.x86_64.rpm MozillaFirefox-translations-common-91.7.0-152.22.1.x86_64.rpm MozillaFirefox-translations-other-91.7.0-152.22.1.x86_64.rpm MozillaFirefox-91.7.0-152.22.1.s390x.rpm MozillaFirefox-branding-upstream-91.7.0-152.22.1.s390x.rpm MozillaFirefox-devel-91.7.0-152.22.1.s390x.rpm MozillaFirefox-translations-common-91.7.0-152.22.1.s390x.rpm MozillaFirefox-translations-other-91.7.0-152.22.1.s390x.rpm MozillaFirefox-91.7.0-152.22.1.ppc64le.rpm MozillaFirefox-branding-upstream-91.7.0-152.22.1.ppc64le.rpm MozillaFirefox-devel-91.7.0-152.22.1.ppc64le.rpm MozillaFirefox-translations-common-91.7.0-152.22.1.ppc64le.rpm MozillaFirefox-translations-other-91.7.0-152.22.1.ppc64le.rpm MozillaFirefox-91.7.0-152.22.1.aarch64.rpm MozillaFirefox-branding-upstream-91.7.0-152.22.1.aarch64.rpm MozillaFirefox-devel-91.7.0-152.22.1.aarch64.rpm MozillaFirefox-translations-common-91.7.0-152.22.1.aarch64.rpm MozillaFirefox-translations-other-91.7.0-152.22.1.aarch64.rpm openSUSE-SLE-15.4-2022-943 moderate SUSE Updates openSUSE-SLE 15.4 This update for slirp4netns fixes the following issues: - CVE-2020-29130: Fixed an invalid memory access while processing ARP packets (bsc#1179467). slirp4netns-0.4.7-3.15.1.src.rpm slirp4netns-0.4.7-3.15.1.x86_64.rpm slirp4netns-0.4.7-3.15.1.s390x.rpm slirp4netns-0.4.7-3.15.1.ppc64le.rpm slirp4netns-0.4.7-3.15.1.aarch64.rpm openSUSE-SLE-15.4-2022-1179 moderate SUSE Updates openSUSE-SLE 15.4 This update for net-snmp fixes the following issues: - Decouple snmp-mibs from net-snmp version to allow major version upgrade (bsc#1196955). libsnmp30-32bit-5.7.3-10.12.1.x86_64.rpm libsnmp30-5.7.3-10.12.1.x86_64.rpm net-snmp-5.7.3-10.12.1.src.rpm net-snmp-5.7.3-10.12.1.x86_64.rpm net-snmp-devel-32bit-5.7.3-10.12.1.x86_64.rpm net-snmp-devel-5.7.3-10.12.1.x86_64.rpm perl-SNMP-5.7.3-10.12.1.x86_64.rpm python2-net-snmp-5.7.3-10.12.1.x86_64.rpm python3-net-snmp-5.7.3-10.12.1.x86_64.rpm snmp-mibs-5.7.3-10.12.1.x86_64.rpm libsnmp30-5.7.3-10.12.1.s390x.rpm net-snmp-5.7.3-10.12.1.s390x.rpm net-snmp-devel-5.7.3-10.12.1.s390x.rpm perl-SNMP-5.7.3-10.12.1.s390x.rpm python2-net-snmp-5.7.3-10.12.1.s390x.rpm python3-net-snmp-5.7.3-10.12.1.s390x.rpm snmp-mibs-5.7.3-10.12.1.s390x.rpm libsnmp30-5.7.3-10.12.1.ppc64le.rpm net-snmp-5.7.3-10.12.1.ppc64le.rpm net-snmp-devel-5.7.3-10.12.1.ppc64le.rpm perl-SNMP-5.7.3-10.12.1.ppc64le.rpm python2-net-snmp-5.7.3-10.12.1.ppc64le.rpm python3-net-snmp-5.7.3-10.12.1.ppc64le.rpm snmp-mibs-5.7.3-10.12.1.ppc64le.rpm libsnmp30-5.7.3-10.12.1.aarch64.rpm net-snmp-5.7.3-10.12.1.aarch64.rpm net-snmp-devel-5.7.3-10.12.1.aarch64.rpm perl-SNMP-5.7.3-10.12.1.aarch64.rpm python2-net-snmp-5.7.3-10.12.1.aarch64.rpm python3-net-snmp-5.7.3-10.12.1.aarch64.rpm snmp-mibs-5.7.3-10.12.1.aarch64.rpm openSUSE-SLE-15.4-2022-833 moderate SUSE Updates openSUSE-SLE 15.4 This update for open-iscsi fixes the following issue: - Update to latest upstream, including test cleanup, minor bug fixes (cosmetic), and fixing iscsi-init (bsc#1195656). iscsiuio-0.7.8.6-150300.32.15.1.aarch64.rpm libopeniscsiusr0_2_0-2.1.6-150300.32.15.1.aarch64.rpm open-iscsi-2.1.6-150300.32.15.1.aarch64.rpm open-iscsi-2.1.6-150300.32.15.1.src.rpm open-iscsi-devel-2.1.6-150300.32.15.1.aarch64.rpm openSUSE-SLE-15.4-2022-856 important SUSE Updates openSUSE-SLE 15.4 This update for openssl-1_0_0 fixes the following issues: - CVE-2022-0778: Infinite loop in BN_mod_sqrt() reachable when parsing certificates (bsc#1196877). libopenssl-1_0_0-devel-1.0.2p-3.49.1.x86_64.rpm libopenssl-1_0_0-devel-32bit-1.0.2p-3.49.1.x86_64.rpm libopenssl10-1.0.2p-3.49.1.x86_64.rpm libopenssl1_0_0-1.0.2p-3.49.1.x86_64.rpm libopenssl1_0_0-32bit-1.0.2p-3.49.1.x86_64.rpm libopenssl1_0_0-hmac-1.0.2p-3.49.1.x86_64.rpm libopenssl1_0_0-hmac-32bit-1.0.2p-3.49.1.x86_64.rpm libopenssl1_0_0-steam-1.0.2p-3.49.1.x86_64.rpm libopenssl1_0_0-steam-32bit-1.0.2p-3.49.1.x86_64.rpm openssl-1_0_0-1.0.2p-3.49.1.src.rpm openssl-1_0_0-1.0.2p-3.49.1.x86_64.rpm openssl-1_0_0-cavs-1.0.2p-3.49.1.x86_64.rpm openssl-1_0_0-doc-1.0.2p-3.49.1.noarch.rpm libopenssl-1_0_0-devel-1.0.2p-3.49.1.s390x.rpm libopenssl10-1.0.2p-3.49.1.s390x.rpm libopenssl1_0_0-1.0.2p-3.49.1.s390x.rpm libopenssl1_0_0-hmac-1.0.2p-3.49.1.s390x.rpm libopenssl1_0_0-steam-1.0.2p-3.49.1.s390x.rpm openssl-1_0_0-1.0.2p-3.49.1.s390x.rpm openssl-1_0_0-cavs-1.0.2p-3.49.1.s390x.rpm libopenssl-1_0_0-devel-1.0.2p-3.49.1.ppc64le.rpm libopenssl10-1.0.2p-3.49.1.ppc64le.rpm libopenssl1_0_0-1.0.2p-3.49.1.ppc64le.rpm libopenssl1_0_0-hmac-1.0.2p-3.49.1.ppc64le.rpm libopenssl1_0_0-steam-1.0.2p-3.49.1.ppc64le.rpm openssl-1_0_0-1.0.2p-3.49.1.ppc64le.rpm openssl-1_0_0-cavs-1.0.2p-3.49.1.ppc64le.rpm libopenssl-1_0_0-devel-1.0.2p-3.49.1.aarch64.rpm libopenssl10-1.0.2p-3.49.1.aarch64.rpm libopenssl1_0_0-1.0.2p-3.49.1.aarch64.rpm libopenssl1_0_0-hmac-1.0.2p-3.49.1.aarch64.rpm libopenssl1_0_0-steam-1.0.2p-3.49.1.aarch64.rpm openssl-1_0_0-1.0.2p-3.49.1.aarch64.rpm openssl-1_0_0-cavs-1.0.2p-3.49.1.aarch64.rpm openSUSE-SLE-15.4-2022-872 important SUSE Updates openSUSE-SLE 15.4 This update for stunnel fixes the following issues: Update to 5.62 including new features and bugfixes: * Security bugfixes - The "redirect" option was fixed to properly handle unauthenticated requests (bsc#1182529). - Fixed a double free with OpenSSL older than 1.1.0. - Added hardening to systemd service (bsc#1181400). * New features - Added new "protocol = capwin" and "protocol = capwinctrl" configuration file options. - Added support for the new SSL_set_options() values. - Added a bash completion script. - New 'sessionResume' service-level option to allow or disallow session resumption - Download fresh ca-certs.pem for each new release. - New 'protocolHeader' service-level option to insert custom 'connect' protocol negotiation headers. This feature can be used to impersonate other software (e.g. web browsers). - 'protocolHost' can also be used to control the client SMTP protocol negotiation HELO/EHLO value. - Initial FIPS 3.0 support. - Client-side "protocol = ldap" support * Bugfixes - Fixed a transfer() loop bug. - Fixed reloading configuration with "systemctl reload stunnel.service". - Fixed incorrect messages logged for OpenSSL errors. - Fixed 'redirect' with 'protocol'. This combination is not supported by 'smtp', 'pop3' and 'imap' protocols. - X.509v3 extensions required by modern versions of OpenSSL are added to generated self-signed test certificates. - Fixed a tiny memory leak in configuration file reload error handling. - Fixed engine initialization. - FIPS TLS feature is reported when a provider or container is available, and not when FIPS control API is available. - Fix configuration reload when compression is used - Fix test suite fixed not to require external connectivity stunnel-5.62-3.14.1.src.rpm stunnel-5.62-3.14.1.x86_64.rpm stunnel-doc-5.62-3.14.1.noarch.rpm stunnel-5.62-3.14.1.s390x.rpm stunnel-5.62-3.14.1.ppc64le.rpm stunnel-5.62-3.14.1.aarch64.rpm openSUSE-SLE-15.4-2022-862 important SUSE Updates openSUSE-SLE 15.4 This update for SAPHanaSR-ScaleOut fixes the following issues: - Add systemd support for the resource agent to interact with the new SAP unit files for sapstartsrv. As the new version of the SAP Startup Framework uses systemd unit files to control the sapstartsrv process instead of the previous used SysV init script, the handling of sapstartsrv inside the resource agents is adapted to support both ways. (bsc#1189532, bsc#1189533) - Add dedicated logging of HANA_CALL problems. It is now possible to identify if the called `hana` command or the needed `su` command throws the error, and for further hints it logs the stderr output. Additionally it is possible to get regular log messages for the used commands, their return code and their stderr output by enabling the 'debug' mode of the resource agents. (bsc#1182774) - Add switch 'cib_access' to the SAPHanaSrMultiTarget hook to give control over the hook runtime. Default is 'all-on' which means there are 3 cib calls performed inside the hook script. Changing the value of 'cib_access' inside the global.ini file to'site-on' to perform the absolute minimum cib calls (only one). (bsc#1189540) SAPHanaSR-ScaleOut-0.181.0-30.1.noarch.rpm SAPHanaSR-ScaleOut-0.181.0-30.1.src.rpm SAPHanaSR-ScaleOut-doc-0.181.0-30.1.noarch.rpm openSUSE-SLE-15.4-2022-863 important SUSE Updates openSUSE-SLE 15.4 This update for sapstartsrv-resource-agents fixes the following issues: - Add systemd support for the resource agent to interact with the new SAP unit files for sapstartsrv. As the new version of the SAP Startup Framework uses systemd unit files to control the sapstartsrv process instead of the previous used SysV init script, handling of sapstartsrv inside the resource agents is adapted to support both ways (bsc#1189529) - Prevent false posivite with pgrep in function '_get_status' (bsc#1193568) sapstartsrv-resource-agents-0.9.0+git.1645795466.55a8cca-1.12.1.noarch.rpm sapstartsrv-resource-agents-0.9.0+git.1645795466.55a8cca-1.12.1.src.rpm openSUSE-SLE-15.4-2022-1040 moderate SUSE Updates openSUSE-SLE 15.4 This update for protobuf fixes the following issues: - CVE-2021-22570: Fix incorrect parsing of nullchar in the proto symbol (bsc#1195258). libprotobuf-lite20-3.9.2-4.12.1.x86_64.rpm libprotobuf-lite20-32bit-3.9.2-4.12.1.x86_64.rpm libprotobuf20-3.9.2-4.12.1.x86_64.rpm libprotobuf20-32bit-3.9.2-4.12.1.x86_64.rpm libprotoc20-3.9.2-4.12.1.x86_64.rpm libprotoc20-32bit-3.9.2-4.12.1.x86_64.rpm protobuf-3.9.2-4.12.1.src.rpm protobuf-devel-3.9.2-4.12.1.x86_64.rpm protobuf-java-3.9.2-4.12.1.x86_64.rpm protobuf-source-3.9.2-4.12.1.noarch.rpm python2-protobuf-3.9.2-4.12.1.x86_64.rpm python3-protobuf-3.9.2-4.12.1.x86_64.rpm libprotobuf-lite20-3.9.2-4.12.1.s390x.rpm libprotobuf20-3.9.2-4.12.1.s390x.rpm libprotoc20-3.9.2-4.12.1.s390x.rpm protobuf-devel-3.9.2-4.12.1.s390x.rpm protobuf-java-3.9.2-4.12.1.s390x.rpm python2-protobuf-3.9.2-4.12.1.s390x.rpm python3-protobuf-3.9.2-4.12.1.s390x.rpm libprotobuf-lite20-3.9.2-4.12.1.ppc64le.rpm libprotobuf20-3.9.2-4.12.1.ppc64le.rpm libprotoc20-3.9.2-4.12.1.ppc64le.rpm protobuf-devel-3.9.2-4.12.1.ppc64le.rpm protobuf-java-3.9.2-4.12.1.ppc64le.rpm python2-protobuf-3.9.2-4.12.1.ppc64le.rpm python3-protobuf-3.9.2-4.12.1.ppc64le.rpm libprotobuf-lite20-3.9.2-4.12.1.aarch64.rpm libprotobuf20-3.9.2-4.12.1.aarch64.rpm libprotoc20-3.9.2-4.12.1.aarch64.rpm protobuf-devel-3.9.2-4.12.1.aarch64.rpm protobuf-java-3.9.2-4.12.1.aarch64.rpm python2-protobuf-3.9.2-4.12.1.aarch64.rpm python3-protobuf-3.9.2-4.12.1.aarch64.rpm openSUSE-SLE-15.4-2022-823 moderate SUSE Updates openSUSE-SLE 15.4 This update for protobuf fixes the following issues: - CVE-2021-22570: Fix incorrect parsing of nullchar in the proto symbol (bsc#1195258). libprotobuf-lite15-3.5.0-5.5.1.x86_64.rpm libprotobuf-lite15-32bit-3.5.0-5.5.1.x86_64.rpm libprotobuf15-3.5.0-5.5.1.x86_64.rpm libprotobuf15-32bit-3.5.0-5.5.1.x86_64.rpm libprotoc15-3.5.0-5.5.1.x86_64.rpm libprotoc15-32bit-3.5.0-5.5.1.x86_64.rpm protobuf-3.5.0-5.5.1.src.rpm libprotobuf-lite15-3.5.0-5.5.1.s390x.rpm libprotobuf15-3.5.0-5.5.1.s390x.rpm libprotoc15-3.5.0-5.5.1.s390x.rpm libprotobuf-lite15-3.5.0-5.5.1.ppc64le.rpm libprotobuf15-3.5.0-5.5.1.ppc64le.rpm libprotoc15-3.5.0-5.5.1.ppc64le.rpm libprotobuf-lite15-3.5.0-5.5.1.aarch64.rpm libprotobuf15-3.5.0-5.5.1.aarch64.rpm libprotoc15-3.5.0-5.5.1.aarch64.rpm openSUSE-SLE-15.4-2022-906 important SUSE Updates openSUSE-SLE 15.4 This update for MozillaThunderbird fixes the following issues: Updated to version 91.7 (bsc#1196900): - CVE-2022-26381: Fixed an invalid memory access due to text reflow when SVG objects were present. - CVE-2022-26383: Fixed an issue where, when resizing a popup after requesting fullscreen access, the popup would not display the fullscreen notification. - CVE-2022-26384: Fixed an iframe XSS sandbox bypass when allow-popups was used on the iframe. - CVE-2022-26386: Fixed an issue where downloadable temporary files were accessible to other local users. - CVE-2022-26387: Fixed a potential add-on signature verification bypass due to a race condition. MozillaThunderbird-91.7.0-150200.8.62.7.src.rpm MozillaThunderbird-91.7.0-150200.8.62.7.x86_64.rpm MozillaThunderbird-translations-common-91.7.0-150200.8.62.7.x86_64.rpm MozillaThunderbird-translations-other-91.7.0-150200.8.62.7.x86_64.rpm MozillaThunderbird-91.7.0-150200.8.62.7.s390x.rpm MozillaThunderbird-translations-common-91.7.0-150200.8.62.7.s390x.rpm MozillaThunderbird-translations-other-91.7.0-150200.8.62.7.s390x.rpm MozillaThunderbird-91.7.0-150200.8.62.7.ppc64le.rpm MozillaThunderbird-translations-common-91.7.0-150200.8.62.7.ppc64le.rpm MozillaThunderbird-translations-other-91.7.0-150200.8.62.7.ppc64le.rpm MozillaThunderbird-91.7.0-150200.8.62.7.aarch64.rpm MozillaThunderbird-translations-common-91.7.0-150200.8.62.7.aarch64.rpm MozillaThunderbird-translations-other-91.7.0-150200.8.62.7.aarch64.rpm openSUSE-SLE-15.4-2022-874 moderate SUSE Updates openSUSE-SLE 15.4 This update for openldap2 fixes the following issue: - Revert jsc#PM-3288 - CLDAP ( -DLDAP_CONNECTIONLESS ) due to regression (bsc#1197004) libldap-2_4-2-2.4.46-9.64.1.x86_64.rpm libldap-2_4-2-32bit-2.4.46-9.64.1.x86_64.rpm libldap-data-2.4.46-9.64.1.noarch.rpm openldap2-2.4.46-9.64.1.src.rpm openldap2-2.4.46-9.64.1.x86_64.rpm openldap2-back-meta-2.4.46-9.64.1.x86_64.rpm openldap2-back-perl-2.4.46-9.64.1.x86_64.rpm openldap2-back-sock-2.4.46-9.64.1.x86_64.rpm openldap2-back-sql-2.4.46-9.64.1.x86_64.rpm openldap2-client-2.4.46-9.64.1.x86_64.rpm openldap2-contrib-2.4.46-9.64.1.x86_64.rpm openldap2-devel-2.4.46-9.64.1.x86_64.rpm openldap2-devel-32bit-2.4.46-9.64.1.x86_64.rpm openldap2-devel-static-2.4.46-9.64.1.x86_64.rpm openldap2-doc-2.4.46-9.64.1.noarch.rpm openldap2-ppolicy-check-password-1.2-9.64.1.x86_64.rpm libldap-2_4-2-2.4.46-9.64.1.s390x.rpm openldap2-2.4.46-9.64.1.s390x.rpm openldap2-back-meta-2.4.46-9.64.1.s390x.rpm openldap2-back-perl-2.4.46-9.64.1.s390x.rpm openldap2-back-sock-2.4.46-9.64.1.s390x.rpm openldap2-back-sql-2.4.46-9.64.1.s390x.rpm openldap2-client-2.4.46-9.64.1.s390x.rpm openldap2-contrib-2.4.46-9.64.1.s390x.rpm openldap2-devel-2.4.46-9.64.1.s390x.rpm openldap2-devel-static-2.4.46-9.64.1.s390x.rpm openldap2-ppolicy-check-password-1.2-9.64.1.s390x.rpm libldap-2_4-2-2.4.46-9.64.1.ppc64le.rpm openldap2-2.4.46-9.64.1.ppc64le.rpm openldap2-back-meta-2.4.46-9.64.1.ppc64le.rpm openldap2-back-perl-2.4.46-9.64.1.ppc64le.rpm openldap2-back-sock-2.4.46-9.64.1.ppc64le.rpm openldap2-back-sql-2.4.46-9.64.1.ppc64le.rpm openldap2-client-2.4.46-9.64.1.ppc64le.rpm openldap2-contrib-2.4.46-9.64.1.ppc64le.rpm openldap2-devel-2.4.46-9.64.1.ppc64le.rpm openldap2-devel-static-2.4.46-9.64.1.ppc64le.rpm openldap2-ppolicy-check-password-1.2-9.64.1.ppc64le.rpm libldap-2_4-2-2.4.46-9.64.1.aarch64.rpm openldap2-2.4.46-9.64.1.aarch64.rpm openldap2-back-meta-2.4.46-9.64.1.aarch64.rpm openldap2-back-perl-2.4.46-9.64.1.aarch64.rpm openldap2-back-sock-2.4.46-9.64.1.aarch64.rpm openldap2-back-sql-2.4.46-9.64.1.aarch64.rpm openldap2-client-2.4.46-9.64.1.aarch64.rpm openldap2-contrib-2.4.46-9.64.1.aarch64.rpm openldap2-devel-2.4.46-9.64.1.aarch64.rpm openldap2-devel-static-2.4.46-9.64.1.aarch64.rpm openldap2-ppolicy-check-password-1.2-9.64.1.aarch64.rpm openSUSE-SLE-15.4-2022-901 important SUSE Updates openSUSE-SLE 15.4 This update for frr fixes the following issues: - CVE-2022-26125, CVE-2022-26126: Fixed buffer overflows in unpack_tlv_router_cap() (bsc#1196505, bsc#1196506). - CVE-2022-26127: Fixed heap buffer overflow in babel_packet_examin() (bsc#1196503). - CVE-2022-26128: Fixed buffer overflows in babel_packet_examin() (bsc#1196507). - CVE-2022-26129: Fixed buffer overflows in parse_hello_subtlv(), parse_ihu_subtlv() and parse_update_subtlv() (bsc#1196504). frr-7.4-150300.4.3.1.src.rpm frr-7.4-150300.4.3.1.x86_64.rpm frr-devel-7.4-150300.4.3.1.x86_64.rpm libfrr0-7.4-150300.4.3.1.x86_64.rpm libfrr_pb0-7.4-150300.4.3.1.x86_64.rpm libfrrcares0-7.4-150300.4.3.1.x86_64.rpm libfrrfpm_pb0-7.4-150300.4.3.1.x86_64.rpm libfrrgrpc_pb0-7.4-150300.4.3.1.x86_64.rpm libfrrospfapiclient0-7.4-150300.4.3.1.x86_64.rpm libfrrsnmp0-7.4-150300.4.3.1.x86_64.rpm libfrrzmq0-7.4-150300.4.3.1.x86_64.rpm libmlag_pb0-7.4-150300.4.3.1.x86_64.rpm frr-7.4-150300.4.3.1.s390x.rpm frr-devel-7.4-150300.4.3.1.s390x.rpm libfrr0-7.4-150300.4.3.1.s390x.rpm libfrr_pb0-7.4-150300.4.3.1.s390x.rpm libfrrcares0-7.4-150300.4.3.1.s390x.rpm libfrrfpm_pb0-7.4-150300.4.3.1.s390x.rpm libfrrgrpc_pb0-7.4-150300.4.3.1.s390x.rpm libfrrospfapiclient0-7.4-150300.4.3.1.s390x.rpm libfrrsnmp0-7.4-150300.4.3.1.s390x.rpm libfrrzmq0-7.4-150300.4.3.1.s390x.rpm libmlag_pb0-7.4-150300.4.3.1.s390x.rpm frr-7.4-150300.4.3.1.ppc64le.rpm frr-devel-7.4-150300.4.3.1.ppc64le.rpm libfrr0-7.4-150300.4.3.1.ppc64le.rpm libfrr_pb0-7.4-150300.4.3.1.ppc64le.rpm libfrrcares0-7.4-150300.4.3.1.ppc64le.rpm libfrrfpm_pb0-7.4-150300.4.3.1.ppc64le.rpm libfrrgrpc_pb0-7.4-150300.4.3.1.ppc64le.rpm libfrrospfapiclient0-7.4-150300.4.3.1.ppc64le.rpm libfrrsnmp0-7.4-150300.4.3.1.ppc64le.rpm libfrrzmq0-7.4-150300.4.3.1.ppc64le.rpm libmlag_pb0-7.4-150300.4.3.1.ppc64le.rpm frr-7.4-150300.4.3.1.aarch64.rpm frr-devel-7.4-150300.4.3.1.aarch64.rpm libfrr0-7.4-150300.4.3.1.aarch64.rpm libfrr_pb0-7.4-150300.4.3.1.aarch64.rpm libfrrcares0-7.4-150300.4.3.1.aarch64.rpm libfrrfpm_pb0-7.4-150300.4.3.1.aarch64.rpm libfrrgrpc_pb0-7.4-150300.4.3.1.aarch64.rpm libfrrospfapiclient0-7.4-150300.4.3.1.aarch64.rpm libfrrsnmp0-7.4-150300.4.3.1.aarch64.rpm libfrrzmq0-7.4-150300.4.3.1.aarch64.rpm libmlag_pb0-7.4-150300.4.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-1033 moderate SUSE Updates openSUSE-SLE 15.4 This update for java-11-openjdk fixes the following issues: - Build failure on Solaris. - Unable to connect to https://google.com using java.net.HttpClient. java-11-openjdk-11.0.14.1-3.77.5.src.rpm java-11-openjdk-11.0.14.1-3.77.5.x86_64.rpm java-11-openjdk-accessibility-11.0.14.1-3.77.5.x86_64.rpm java-11-openjdk-demo-11.0.14.1-3.77.5.x86_64.rpm java-11-openjdk-devel-11.0.14.1-3.77.5.x86_64.rpm java-11-openjdk-headless-11.0.14.1-3.77.5.x86_64.rpm java-11-openjdk-javadoc-11.0.14.1-3.77.5.noarch.rpm java-11-openjdk-jmods-11.0.14.1-3.77.5.x86_64.rpm java-11-openjdk-src-11.0.14.1-3.77.5.x86_64.rpm java-11-openjdk-11.0.14.1-3.77.5.s390x.rpm java-11-openjdk-accessibility-11.0.14.1-3.77.5.s390x.rpm java-11-openjdk-demo-11.0.14.1-3.77.5.s390x.rpm java-11-openjdk-devel-11.0.14.1-3.77.5.s390x.rpm java-11-openjdk-headless-11.0.14.1-3.77.5.s390x.rpm java-11-openjdk-jmods-11.0.14.1-3.77.5.s390x.rpm java-11-openjdk-src-11.0.14.1-3.77.5.s390x.rpm java-11-openjdk-11.0.14.1-3.77.5.ppc64le.rpm java-11-openjdk-accessibility-11.0.14.1-3.77.5.ppc64le.rpm java-11-openjdk-demo-11.0.14.1-3.77.5.ppc64le.rpm java-11-openjdk-devel-11.0.14.1-3.77.5.ppc64le.rpm java-11-openjdk-headless-11.0.14.1-3.77.5.ppc64le.rpm java-11-openjdk-jmods-11.0.14.1-3.77.5.ppc64le.rpm java-11-openjdk-src-11.0.14.1-3.77.5.ppc64le.rpm java-11-openjdk-11.0.14.1-3.77.5.aarch64.rpm java-11-openjdk-accessibility-11.0.14.1-3.77.5.aarch64.rpm java-11-openjdk-demo-11.0.14.1-3.77.5.aarch64.rpm java-11-openjdk-devel-11.0.14.1-3.77.5.aarch64.rpm java-11-openjdk-headless-11.0.14.1-3.77.5.aarch64.rpm java-11-openjdk-jmods-11.0.14.1-3.77.5.aarch64.rpm java-11-openjdk-src-11.0.14.1-3.77.5.aarch64.rpm openSUSE-SLE-15.4-2022-953 moderate SUSE Updates openSUSE-SLE 15.4 This update for perl-DBD-SQLite fixes the following issues: - updated to 1.66 - Use external sqlite3 library rather than internal code. (bsc#1195771) perl-DBD-SQLite-1.66-150300.3.3.1.src.rpm perl-DBD-SQLite-1.66-150300.3.3.1.x86_64.rpm perl-DBD-SQLite-1.66-150300.3.3.1.s390x.rpm perl-DBD-SQLite-1.66-150300.3.3.1.ppc64le.rpm perl-DBD-SQLite-1.66-150300.3.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-1119 moderate SUSE Updates openSUSE-SLE 15.4 This update for supportutils fixes the following issues: - Add command `blkid` - Add email.txt based on OPTION_EMAIL (bsc#1189028) - Add rpcinfo -p output #116 - Add s390x specific files and output - Add shared memory as a log directory for emergency use (bsc#1190943) - Fix cron package for RPM validation (bsc#1190315) - Fix for invalid argument during updates (bsc#1193204) - Fix iscsi initiator name (bsc#1195797) - Improve `lsblk` readability with `--ascsi` option - Include 'multipath -t' output in mpio.txt - Include /etc/sssd/conf.d configuration files - Include udev rules in /lib/udev/rules.d/ - Made /proc directory and network names spaces configurable (bsc#1193868) - Prepare future installation of binaries to /usr/sbin instead of /sbin. This does not affect SUSE Linux Enterprise 15 Serivce Pack 3 and 4 (bsc#1191096) - Move localmessage/warm logs out of messages.txt to new localwarn.txt - Optimize configuration files - Remove chronyc DNS lookups with -n switch (bsc#1193732) - Remove duplicate commands in network.txt - Remove duplicate firewalld status output - getappcore identifies compressed core files (bsc#1191794) supportutils-3.1.20-150300.7.35.10.1.noarch.rpm supportutils-3.1.20-150300.7.35.10.1.src.rpm openSUSE-SLE-15.4-2022-1116 moderate SUSE Updates openSUSE-SLE 15.4 This optional update provides the following changes: - Provide binaries for non x86_64 architectures directly to SUSE Package Hub. - There are no visible changes for the final user. - Affected source packages: libexttextcat libexttextcat-2_0-0-3.4.5-3.2.1.x86_64.rpm libexttextcat-3.4.5-3.2.1.src.rpm libexttextcat-3.4.5-3.2.1.x86_64.rpm libexttextcat-devel-3.4.5-3.2.1.x86_64.rpm libexttextcat-tools-3.4.5-3.2.1.x86_64.rpm libexttextcat-2_0-0-3.4.5-3.2.1.s390x.rpm libexttextcat-3.4.5-3.2.1.s390x.rpm libexttextcat-devel-3.4.5-3.2.1.s390x.rpm libexttextcat-tools-3.4.5-3.2.1.s390x.rpm libexttextcat-2_0-0-3.4.5-3.2.1.ppc64le.rpm libexttextcat-3.4.5-3.2.1.ppc64le.rpm libexttextcat-devel-3.4.5-3.2.1.ppc64le.rpm libexttextcat-tools-3.4.5-3.2.1.ppc64le.rpm libexttextcat-2_0-0-3.4.5-3.2.1.aarch64.rpm libexttextcat-3.4.5-3.2.1.aarch64.rpm libexttextcat-devel-3.4.5-3.2.1.aarch64.rpm libexttextcat-tools-3.4.5-3.2.1.aarch64.rpm openSUSE-SLE-15.4-2022-954 moderate SUSE Updates openSUSE-SLE 15.4 This update for wavpack fixes the following issues: - CVE-2021-44269: Fixed out of bounds read in processing .wav files (bsc#1197020). libwavpack1-32bit-5.4.0-4.12.1.x86_64.rpm libwavpack1-5.4.0-4.12.1.x86_64.rpm wavpack-5.4.0-4.12.1.src.rpm wavpack-5.4.0-4.12.1.x86_64.rpm wavpack-devel-5.4.0-4.12.1.x86_64.rpm libwavpack1-5.4.0-4.12.1.s390x.rpm wavpack-5.4.0-4.12.1.s390x.rpm wavpack-devel-5.4.0-4.12.1.s390x.rpm libwavpack1-5.4.0-4.12.1.ppc64le.rpm wavpack-5.4.0-4.12.1.ppc64le.rpm wavpack-devel-5.4.0-4.12.1.ppc64le.rpm libwavpack1-5.4.0-4.12.1.aarch64.rpm wavpack-5.4.0-4.12.1.aarch64.rpm wavpack-devel-5.4.0-4.12.1.aarch64.rpm openSUSE-SLE-15.4-2022-914 low SUSE Updates openSUSE-SLE 15.4 This update for qemu fixes the following issues: Increased the build version number to avoid downgrade issues. qemu-4.2.1-150200.66.3.src.rpm qemu-s390-4.2.1-150200.66.3.x86_64.rpm qemu-s390-4.2.1-150200.66.3.s390x.rpm qemu-s390-4.2.1-150200.66.3.ppc64le.rpm qemu-s390-4.2.1-150200.66.3.aarch64.rpm openSUSE-SLE-15.4-2022-1095 moderate SUSE Updates openSUSE-SLE 15.4 This update for sssd fixes the following issues: - Fix a crash caused by a read-after-free condition. (bsc#1196564) - Add 'ldap_ignore_unreadable_references' parameter to skip unreadable objects referenced by 'member' attribute. (bsc#1190775) sssd-1.16.1-150300.23.26.1.src.rpm sssd-common-32bit-1.16.1-150300.23.26.1.x86_64.rpm sssd-wbclient-1.16.1-150300.23.26.1.x86_64.rpm sssd-wbclient-devel-1.16.1-150300.23.26.1.x86_64.rpm sssd-wbclient-1.16.1-150300.23.26.1.s390x.rpm sssd-wbclient-devel-1.16.1-150300.23.26.1.s390x.rpm sssd-wbclient-1.16.1-150300.23.26.1.ppc64le.rpm sssd-wbclient-devel-1.16.1-150300.23.26.1.ppc64le.rpm sssd-wbclient-1.16.1-150300.23.26.1.aarch64.rpm sssd-wbclient-devel-1.16.1-150300.23.26.1.aarch64.rpm openSUSE-SLE-15.4-2022-1039 important SUSE Updates openSUSE-SLE 15.4 The SUSE Linux Enterprise 15 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-25636: Fixed an issue which allowed a local users to gain privileges because of a heap out-of-bounds write in nf_dup_netdev.c, related to nf_tables_offload (bsc#1196299). - CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could trigger crash the system or corrupt system memory (bsc#1196830). - CVE-2022-0487: A use-after-free vulnerability was found in rtsx_usb_ms_drv_remove() in drivers/memstick/host/rtsx_usb_ms.c (bsc#1194516). - CVE-2022-24448: Fixed an issue if an application sets the O_DIRECTORY flag, and tries to open a regular file, nfs_atomic_open() performs a regular lookup. If a regular file is found, ENOTDIR should have occured, but the server instead returned uninitialized data in the file descriptor (bsc#1195612). - CVE-2022-0617: Fixed a null pointer dereference in UDF file system functionality. A local user could crash the system by triggering udf_file_write_iter() via a malicious UDF image. (bsc#1196079) - CVE-2022-0644: Fixed a denial of service by a local user. A assertion failure could be triggered in kernel_read_file_from_fd(). (bsc#1196155) - CVE-2022-25258: The USB Gadget subsystem lacked certain validation of interface OS descriptor requests, which could have lead to memory corruption (bsc#1196096). - CVE-2022-24958: drivers/usb/gadget/legacy/inode.c mishandled dev->buf release (bsc#1195905). - CVE-2022-24959: Fixed a memory leak in yam_siocdevprivate() in drivers/net/hamradio/yam.c (bsc#1195897). - CVE-2021-44879: In gc_data_segment() in fs/f2fs/gc.c, special files were not considered, which lead to a move_data_page NULL pointer dereference (bsc#1195987). - CVE-2021-0920: Fixed a local privilege escalation due to a use-after-free vulnerability in unix_scm_to_skb of af_unix (bsc#1193731). - CVE-2021-39657: Fixed an information leak in the Universal Flash Storage subsystem (bsc#1193864). - CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which allowed attackers to obtain sensitive information from heap memory via crafted frame lengths from a device (bsc#1196836). - CVE-2021-39698: Fixed a possible memory corruption due to a use after free in aio_poll_complete_work. This could lead to local escalation of privilege with no additional execution privileges needed. (bsc#1196956) - CVE-2021-45402: The check_alu_op function in kernel/bpf/verifier.c did not properly update bounds while handling the mov32 instruction, which allowed local users to obtain potentially sensitive address information (bsc#1196130). - CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have lead to read/write access to memory pages or denial of service. These issues are related to the Xen PV device frontend drivers. (bsc#1196488) The following non-security bugs were fixed: - ALSA: intel_hdmi: Fix reference to PCM buffer address (git-fixes). - ARM: 9182/1: mmu: fix returns from early_param() and __setup() functions (git-fixes). - ARM: Fix kgdb breakpoint for Thumb2 (git-fixes). - ASoC: cs4265: Fix the duplicated control name (git-fixes). - ASoC: ops: Shift tested values in snd_soc_put_volsw() by +min (git-fixes). - ASoC: rt5668: do not block workqueue if card is unbound (git-fixes). - ASoC: rt5682: do not block workqueue if card is unbound (git-fixes). - Bluetooth: btusb: Add missing Chicony device for Realtek RTL8723BE (bsc#1196779). - EDAC/altera: Fix deferred probing (bsc#1178134). - EDAC: Fix calculation of returned address and next offset in edac_align_ptr() (bsc#1178134). - HID: add mapping for KEY_ALL_APPLICATIONS (git-fixes). - HID: add mapping for KEY_DICTATE (git-fixes). - Hand over the maintainership to SLE15-SP3 maintainers - IB/hfi1: Correct guard on eager buffer deallocation (git-fixes). - IB/hfi1: Fix early init panic (git-fixes). - IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr (git-fixes). - IB/hfi1: Insure use of smp_processor_id() is preempt disabled (git-fixes). - IB/rdmavt: Validate remote_addr during loopback atomic tests (git-fixes). - Input: clear BTN_RIGHT/MIDDLE on buttonpads (git-fixes). - Input: elan_i2c - fix regulator enable count imbalance after suspend/resume (git-fixes). - Input: elan_i2c - move regulator_[en|dis]able() out of elan_[en|dis]able_power() (git-fixes). - NFC: port100: fix use-after-free in port100_send_complete (git-fixes). - RDMA/bnxt_re: Scan the whole bitmap when checking if "disabling RCFW with pending cmd-bit" (git-fixes). - RDMA/cma: Do not change route.addr.src_addr outside state checks (bsc#1181147). - RDMA/cma: Let cma_resolve_ib_dev() continue search even after empty entry (git-fixes). - RDMA/cma: Remove open coding of overflow checking for private_data_len (git-fixes). - RDMA/core: Do not infoleak GRH fields (git-fixes). - RDMA/core: Let ib_find_gid() continue search even after empty entry (git-fixes). - RDMA/cxgb4: Set queue pair state when being queried (git-fixes). - RDMA/hns: Validate the pkey index (git-fixes). - RDMA/ib_srp: Fix a deadlock (git-fixes). - RDMA/mlx4: Do not continue event handler after memory allocation failure (git-fixes). - RDMA/rtrs-clt: Fix possible double free in error case (jsc#SLE-15176). - RDMA/rxe: Fix a typo in opcode name (git-fixes). - RDMA/siw: Fix broken RDMA Read Fence/Resume logic (git-fixes). - RDMA/uverbs: Check for null return of kmalloc_array (git-fixes). - RDMA/uverbs: Remove the unnecessary assignment (git-fixes). - Revert "USB: serial: ch341: add new Product ID for CH341A" (git-fixes). - SUNRPC: avoid race between mod_timer() and del_timer_sync() (bnc#1195403). - USB: gadget: validate endpoint index for xilinx udc (git-fixes). - USB: gadget: validate interface OS descriptor requests (git-fixes). - USB: hub: Clean up use of port initialization schemes and retries (git-fixes). - USB: serial: option: add Telit LE910R1 compositions (git-fixes). - USB: serial: option: add support for DW5829e (git-fixes). - USB: zaurus: support another broken Zaurus (git-fixes). - arm64: dts: rockchip: Switch RK3399-Gru DP to SPDIF output (git-fixes). - asix: fix uninit-value in asix_mdio_read() (git-fixes). - ata: pata_hpt37x: disable primary channel on HPT371 (git-fixes). - ax25: Fix NULL pointer dereference in ax25_kill_by_device (git-fixes). - batman-adv: Do not expect inter-netns unique iflink indices (git-fixes). - batman-adv: Request iflink once in batadv-on-batadv check (git-fixes). - batman-adv: Request iflink once in batadv_get_real_netdevice (git-fixes). - blk-mq: do not free tags if the tag_set is used by other device in queue initialztion (bsc#1193787). - bnxt_en: Fix active FEC reporting to ethtool (jsc#SLE-16649). - bnxt_en: Fix incorrect multicast rx mask setting when not requested (git-fixes). - bnxt_en: Fix occasional ethtool -t loopback test failures (git-fixes). - bnxt_en: Fix offline ethtool selftest with RDMA enabled (git-fixes). - bonding: force carrier update when releasing slave (git-fixes). - build initrd without systemd This reduces the size of the initrd by over 25%, which improves startup time of the virtual machine by 0.5-0.6s on very fast machines, more on slower ones. - can: gs_usb: change active_channels's type from atomic_t to u8 (git-fixes). - cgroup-v1: Correct privileges check in release_agent writes (bsc#1196723). - cgroup/cpuset: Fix "suspicious RCU usage" lockdep warning (bsc#1196868). - clk: jz4725b: fix mmc0 clock gating (git-fixes). - constraints: Also adjust disk requirement for x86 and s390. - constraints: Increase disk space for aarch64 - cpufreq: schedutil: Use kobject release() method to free (git-fixes) - cpuset: Fix the bug that subpart_cpus updated wrongly in update_cpumask() (bsc#1196866). - cputime, cpuacct: Include guest time in user time in (git-fixes) - dma-direct: Fix potential NULL pointer dereference (bsc#1196472 ltc#192278). - dma-mapping: Allow mixing bypass and mapped DMA operation (bsc#1196472 ltc#192278). - dmaengine: shdma: Fix runtime PM imbalance on error (git-fixes). - drm/amdgpu: disable MMHUB PG for Picasso (git-fixes). - drm/edid: Always set RGB444 (git-fixes). - drm/i915/dg1: Wait for pcode/uncore handshake at startup (bsc#1195211). - drm/i915/gen11+: Only load DRAM information from pcode (bsc#1195211). - drm/i915: Nuke not needed members of dram_info (bsc#1195211). - drm/i915: Remove memory frequency calculation (bsc#1195211). - drm/i915: Rename is_16gb_dimm to wm_lv_0_adjust_needed (bsc#1195211). - drm/sun4i: mixer: Fix P010 and P210 format numbers (git-fixes). - efivars: Respect "block" flag in efivar_entry_set_safe() (git-fixes). - exfat: fix i_blocks for files truncated over 4 GiB (git-fixes). - exfat: fix incorrect loading of i_blocks for large files (git-fixes). - firmware: arm_scmi: Remove space in MODULE_ALIAS name (git-fixes). - fix rpm build warning tumbleweed rpm is adding these warnings to the log: It's not recommended to have unversioned Obsoletes: Obsoletes: microcode_ctl - gianfar: ethtool: Fix refcount leak in gfar_get_ts_info (git-fixes). - gpio: rockchip: Reset int_bothedge when changing trigger (git-fixes). - gpio: tegra186: Fix chip_data type confusion (git-fixes). - gpio: ts4900: Do not set DAT and OE together (git-fixes). - gpiolib: acpi: Convert ACPI value of debounce to microseconds (git-fixes). - gtp: remove useless rcu_read_lock() (git-fixes). - hamradio: fix macro redefine warning (git-fixes). - i2c: bcm2835: Avoid clock stretching timeouts (git-fixes). - iavf: Fix missing check for running netdev (git-fixes). - ice: initialize local variable 'tlv' (jsc#SLE-12878). - igc: igc_read_phy_reg_gpy: drop premature return (git-fixes). - igc: igc_write_phy_reg_gpy: drop premature return (git-fixes). - iio: Fix error handling for PM (git-fixes). - iio: adc: ad7124: fix mask used for setting AIN_BUFP & AIN_BUFM bits (git-fixes). - iio: adc: men_z188_adc: Fix a resource leak in an error handling path (git-fixes). - ixgbe: xsk: change !netif_carrier_ok() handling in ixgbe_xmit_zc() (git-fixes). - kernel-binary.spec.in: Move 20-kernel-default-extra.conf to the correctr directory (bsc#1195051). - kernel-binary.spec: Also exclude the kernel signing key from devel package. There is a check in OBS that fails when it is included. Also the key is not reproducible. Fixes: bb988d4625a3 ("kernel-binary: Do not include sourcedir in certificate path.") - kernel-binary.spec: Do not use the default certificate path (bsc#1194943). Using the the default path is broken since Linux 5.17 - kernel-binary: Do not include sourcedir in certificate path. The certs macro runs before build directory is set up so it creates the aggregate of supplied certificates in the source directory. Using this file directly as the certificate in kernel config works but embeds the source directory path in the kernel config. To avoid this symlink the certificate to the build directory and use relative path to refer to it. Also fabricate a certificate in the same location in build directory when none is provided. - kernel-obs-build: include 9p (boo#1195353) To be able to share files between host and the qemu vm of the build script, the 9p and 9p_virtio kernel modules need to be included in the initrd of kernel-obs-build. - mac80211: fix forwarded mesh frames AC & queue selection (git-fixes). - mac80211_hwsim: initialize ieee80211_tx_info at hw_scan_work (git-fixes). - mac80211_hwsim: report NOACK frames in tx_status (git-fixes). - mask out added spinlock in rndis_params (git-fixes). - mmc: meson: Fix usage of meson_mmc_post_req() (git-fixes). - net/mlx5: Fix possible deadlock on rule deletion (git-fixes). - net/mlx5: Fix wrong limitation of metadata match on ecpf (git-fixes). - net/mlx5: Update the list of the PCI supported devices (git-fixes). - net/mlx5: Update the list of the PCI supported devices (git-fixes). - net/mlx5e: Fix modify header actions memory leak (git-fixes). - net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468). - net/mlx5e: Fix wrong return value on ioctl EEPROM query failure (git-fixes). - net/mlx5e: TC, Reject rules with drop and modify hdr action (git-fixes). - net/mlx5e: TC, Reject rules with forward and drop actions (git-fixes). - net/mlx5e: kTLS, Use CHECKSUM_UNNECESSARY for device-offloaded packets (jsc#SLE-15172). - net/sched: act_ct: Fix flow table lookup after ct clear or switching zones (jsc#SLE-15172). - net: dsa: mv88e6xxx: MV88E6097 does not support jumbo configuration (git-fixes). - net: ethernet: ti: cpsw: disable PTPv1 hw timestamping advertisement (git-fixes). - net: fix up skbs delta_truesize in UDP GRO frag_list (bsc#1176447). - net: hns3: Clear the CMDQ registers before unmapping BAR region (git-fixes). - net: phy: DP83822: clear MISR2 register to disable interrupts (git-fixes). - net: sfc: Replace in_interrupt() usage (git-fixes). - net: tipc: validate domain record count on input (bsc#1195254). - net: usb: cdc_mbim: avoid altsetting toggling for Telit FN990 (git-fixes). - netfilter: nf_tables: fix memory leak during stateful obj update (bsc#1176447). - netsec: ignore 'phy-mode' device property on ACPI systems (git-fixes). - nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac() (git-fixes). - nl80211: Handle nla_memdup failures in handle_nan_filter (git-fixes). - ntb: intel: fix port config status offset for SPR (git-fixes). - nvme-multipath: use vmalloc for ANA log buffer (bsc#1193787). - nvme-rdma: fix possible use-after-free in transport error_recovery work (git-fixes). - nvme-tcp: fix possible use-after-free in transport error_recovery work (git-fixes). - nvme: fix a possible use-after-free in controller reset during load (git-fixes). - powerpc/dma: Fallback to dma_ops when persistent memory present (bsc#1196472 ltc#192278). Update config files. - powerpc/fadump: register for fadump as early as possible (bsc#1179439 ltc#190038). - powerpc/mm: Remove dcache flush from memory remove (bsc#1196433 ltc#196449). - powerpc/powernv/memtrace: Fix dcache flushing (bsc#1196433 ltc#196449). - powerpc/pseries/iommu: Fix window size for direct mapping with pmem (bsc#1196472 ltc#192278). - rpm/*.spec.in: Use https:// urls - rpm/arch-symbols,guards,*driver: Replace Novell with SUSE. - rpm/check-for-config-changes: Ignore PAHOLE_VERSION. - rpm/kernel-docs.spec.in: use %%license for license declarations Limited to SLE15+ to avoid compatibility nightmares. - rpm/kernel-source.spec.in: call fdupes per subpackage It is a waste of time to do a global fdupes when we have subpackages. - rpm: SC2006: Use $(...) notation instead of legacy backticked `...`. - sched/core: Mitigate race (git-fixes) - scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() (git-fixes). - scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe (git-fixes). - scsi: lpfc: Terminate string in lpfc_debugfs_nvmeio_trc_write() (git-fixes). - scsi: nsp_cs: Check of ioremap return value (git-fixes). - scsi: qedf: Fix potential dereference of NULL pointer (git-fixes). - scsi: smartpqi: Add PCI IDs (bsc#1196627). - scsi: ufs: Fix race conditions related to driver data (git-fixes). - selftests: mlxsw: tc_police_scale: Make test more robust (bsc#1176774). - soc: fsl: Correct MAINTAINERS database (QUICC ENGINE LIBRARY) (git-fixes). - soc: fsl: Correct MAINTAINERS database (SOC) (git-fixes). - soc: fsl: qe: Check of ioremap return value (git-fixes). - spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() (git-fixes). - sr9700: sanity check for packet length (bsc#1196836). - staging: gdm724x: fix use after free in gdm_lte_rx() (git-fixes). - tracing: Fix return value of __setup handlers (git-fixes). - tty: n_gsm: fix encoding of control signal octet bit DV (git-fixes). - tty: n_gsm: fix proper link termination after failed open (git-fixes). - usb: dwc2: Fix Stalling a Non-Isochronous OUT EP (git-fixes). - usb: dwc2: gadget: Fix GOUTNAK flow for Slave mode (git-fixes). - usb: dwc2: gadget: Fix kill_all_requests race (git-fixes). - usb: dwc2: use well defined macros for power_down (git-fixes). - usb: dwc3: gadget: Let the interrupt handler disable bottom halves (git-fixes). - usb: dwc3: meson-g12a: Disable the regulator in the error handling path of the probe (git-fixes). - usb: dwc3: pci: Fix Bay Trail phy GPIO mappings (git-fixes). - usb: gadget: rndis: add spinlock for rndis response list (git-fixes). - usb: host: xen-hcd: add missing unlock in error path (git-fixes). - usb: hub: Fix locking issues with address0_mutex (git-fixes). - usb: hub: Fix usb enumeration issue due to address0 race (git-fixes). - vrf: Fix fast path output packet handling with async Netfilter rules (git-fixes). - xen/usb: do not use gnttab_end_foreign_access() in xenhcd_gnttab_done() (bsc#1196488, XSA-396). - xhci: Prevent futile URB re-submissions due to incorrect return value (git-fixes). - xhci: re-initialize the HC during resume if HCE was set (git-fixes). cluster-md-kmp-preempt-5.3.18-150300.59.60.4.x86_64.rpm True dlm-kmp-preempt-5.3.18-150300.59.60.4.x86_64.rpm True gfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64.rpm True kernel-preempt-5.3.18-150300.59.60.4.nosrc.rpm True kernel-preempt-5.3.18-150300.59.60.4.x86_64.rpm True kernel-preempt-devel-5.3.18-150300.59.60.4.x86_64.rpm True kernel-preempt-extra-5.3.18-150300.59.60.4.x86_64.rpm True kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.x86_64.rpm True kernel-preempt-optional-5.3.18-150300.59.60.4.x86_64.rpm True kselftests-kmp-preempt-5.3.18-150300.59.60.4.x86_64.rpm True ocfs2-kmp-preempt-5.3.18-150300.59.60.4.x86_64.rpm True reiserfs-kmp-preempt-5.3.18-150300.59.60.4.x86_64.rpm True cluster-md-kmp-preempt-5.3.18-150300.59.60.4.aarch64.rpm True dlm-kmp-preempt-5.3.18-150300.59.60.4.aarch64.rpm True dtb-aarch64-5.3.18-150300.59.60.4.src.rpm True dtb-al-5.3.18-150300.59.60.4.aarch64.rpm True dtb-zte-5.3.18-150300.59.60.4.aarch64.rpm True gfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64.rpm True kernel-preempt-5.3.18-150300.59.60.4.aarch64.rpm True kernel-preempt-devel-5.3.18-150300.59.60.4.aarch64.rpm True kernel-preempt-extra-5.3.18-150300.59.60.4.aarch64.rpm True kernel-preempt-livepatch-devel-5.3.18-150300.59.60.4.aarch64.rpm True kernel-preempt-optional-5.3.18-150300.59.60.4.aarch64.rpm True kselftests-kmp-preempt-5.3.18-150300.59.60.4.aarch64.rpm True ocfs2-kmp-preempt-5.3.18-150300.59.60.4.aarch64.rpm True reiserfs-kmp-preempt-5.3.18-150300.59.60.4.aarch64.rpm True openSUSE-SLE-15.4-2022-1147 moderate SUSE Updates openSUSE-SLE 15.4 This update of containerd fixes the following issue: - container-ctr is shipped to the PackageHub repos. containerd-1.4.12-150000.65.1.src.rpm containerd-1.4.12-150000.65.1.x86_64.rpm containerd-ctr-1.4.12-150000.65.1.x86_64.rpm containerd-1.4.12-150000.65.1.s390x.rpm containerd-ctr-1.4.12-150000.65.1.s390x.rpm containerd-1.4.12-150000.65.1.ppc64le.rpm containerd-ctr-1.4.12-150000.65.1.ppc64le.rpm containerd-1.4.12-150000.65.1.aarch64.rpm containerd-ctr-1.4.12-150000.65.1.aarch64.rpm openSUSE-SLE-15.4-2022-945 important SUSE Updates openSUSE-SLE 15.4 This update for bind fixes the following issues: - CVE-2021-25220: Fixed a DNS cache poisoning vulnerability due to loose caching rules (bsc#1197135). bind-9.16.6-150300.22.16.1.src.rpm bind-chrootenv-9.16.6-150300.22.16.1.x86_64.rpm bind-devel-9.16.6-150300.22.16.1.x86_64.rpm libbind9-1600-9.16.6-150300.22.16.1.x86_64.rpm libdns1605-9.16.6-150300.22.16.1.x86_64.rpm libirs-devel-9.16.6-150300.22.16.1.x86_64.rpm libirs1601-9.16.6-150300.22.16.1.x86_64.rpm libisc1606-9.16.6-150300.22.16.1.x86_64.rpm libisccc1600-9.16.6-150300.22.16.1.x86_64.rpm libisccfg1600-9.16.6-150300.22.16.1.x86_64.rpm libns1604-9.16.6-150300.22.16.1.x86_64.rpm bind-chrootenv-9.16.6-150300.22.16.1.s390x.rpm bind-devel-9.16.6-150300.22.16.1.s390x.rpm libbind9-1600-9.16.6-150300.22.16.1.s390x.rpm libdns1605-9.16.6-150300.22.16.1.s390x.rpm libirs-devel-9.16.6-150300.22.16.1.s390x.rpm libirs1601-9.16.6-150300.22.16.1.s390x.rpm libisc1606-9.16.6-150300.22.16.1.s390x.rpm libisccc1600-9.16.6-150300.22.16.1.s390x.rpm libisccfg1600-9.16.6-150300.22.16.1.s390x.rpm libns1604-9.16.6-150300.22.16.1.s390x.rpm bind-chrootenv-9.16.6-150300.22.16.1.ppc64le.rpm bind-devel-9.16.6-150300.22.16.1.ppc64le.rpm libbind9-1600-9.16.6-150300.22.16.1.ppc64le.rpm libdns1605-9.16.6-150300.22.16.1.ppc64le.rpm libirs-devel-9.16.6-150300.22.16.1.ppc64le.rpm libirs1601-9.16.6-150300.22.16.1.ppc64le.rpm libisc1606-9.16.6-150300.22.16.1.ppc64le.rpm libisccc1600-9.16.6-150300.22.16.1.ppc64le.rpm libisccfg1600-9.16.6-150300.22.16.1.ppc64le.rpm libns1604-9.16.6-150300.22.16.1.ppc64le.rpm bind-chrootenv-9.16.6-150300.22.16.1.aarch64.rpm bind-devel-9.16.6-150300.22.16.1.aarch64.rpm libbind9-1600-9.16.6-150300.22.16.1.aarch64.rpm libdns1605-9.16.6-150300.22.16.1.aarch64.rpm libirs-devel-9.16.6-150300.22.16.1.aarch64.rpm libirs1601-9.16.6-150300.22.16.1.aarch64.rpm libisc1606-9.16.6-150300.22.16.1.aarch64.rpm libisccc1600-9.16.6-150300.22.16.1.aarch64.rpm libisccfg1600-9.16.6-150300.22.16.1.aarch64.rpm libns1604-9.16.6-150300.22.16.1.aarch64.rpm openSUSE-SLE-15.4-2022-946 important SUSE Updates openSUSE-SLE 15.4 This update for bind fixes the following issues: - CVE-2021-25220: Fixed a DNS cache poisoning vulnerability due to loose caching rules (bsc#1197135). bind-9.16.6-150000.12.60.1.src.rpm bind-devel-32bit-9.16.6-150000.12.60.1.x86_64.rpm libbind9-1600-32bit-9.16.6-150000.12.60.1.x86_64.rpm libdns1605-32bit-9.16.6-150000.12.60.1.x86_64.rpm libirs1601-32bit-9.16.6-150000.12.60.1.x86_64.rpm libisc1606-32bit-9.16.6-150000.12.60.1.x86_64.rpm libisccc1600-32bit-9.16.6-150000.12.60.1.x86_64.rpm libisccfg1600-32bit-9.16.6-150000.12.60.1.x86_64.rpm libns1604-32bit-9.16.6-150000.12.60.1.x86_64.rpm openSUSE-SLE-15.4-2022-1027 important SUSE Updates openSUSE-SLE 15.4 This update for java-1_8_0-ibm fixes the following issues: Update Java 8.0 to Service Refresh 7 Fix Pack 5 (bsc#1197126). Including fixes for the following vulnerabilities: CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349, CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277, CVE-2022-21299, CVE-2022-21296, CVE-2022-21282, CVE-2022-21294, CVE-2022-21293, CVE-2022-21291, CVE-2022-21283, CVE-2022-21248, CVE-2022-21271. Non-securtiy fix: - Fixed a broken symlink for javaws (bsc#1195146). java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.nosrc.rpm java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64.rpm java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64.rpm java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64.rpm java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64.rpm java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64.rpm java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64.rpm java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64.rpm java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64.rpm java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x.rpm java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x.rpm java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x.rpm java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x.rpm java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le.rpm java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le.rpm java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le.rpm java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le.rpm openSUSE-SLE-15.4-2022-1097 moderate SUSE Updates openSUSE-SLE 15.4 This update for xorg-x11-server fixes the following issues: - sync pci ids with Mesa 20.2.4 (bsc#1197046) - sync GL driver PCI IDs with Mesa. (bsc#1197045) - avoid consequently failing page flip. (bsc#1197269) xorg-x11-server-1.20.3-150200.22.5.52.1.src.rpm xorg-x11-server-wayland-1.20.3-150200.22.5.52.1.x86_64.rpm xorg-x11-server-wayland-1.20.3-150200.22.5.52.1.s390x.rpm xorg-x11-server-wayland-1.20.3-150200.22.5.52.1.ppc64le.rpm xorg-x11-server-wayland-1.20.3-150200.22.5.52.1.aarch64.rpm openSUSE-SLE-15.4-2022-1118 moderate SUSE Updates openSUSE-SLE 15.4 This update for timezone fixes the following issues: - timezone update 2022a (bsc#1177460): * Palestine will spring forward on 2022-03-27, not on 03-26 * `zdump -v` now outputs better failure indications * Bug fixes for code that reads corrupted TZif data timezone-2022a-150000.75.7.1.src.rpm timezone-2022a-150000.75.7.1.x86_64.rpm timezone-java-2022a-150000.75.7.1.noarch.rpm timezone-java-2022a-150000.75.7.1.src.rpm timezone-2022a-150000.75.7.1.s390x.rpm timezone-2022a-150000.75.7.1.ppc64le.rpm timezone-2022a-150000.75.7.1.aarch64.rpm openSUSE-SLE-15.4-2022-919 low SUSE Updates openSUSE-SLE 15.4 This is a relogin-suggested test update for SUSE:SLE-15-SP4:Update update-test-relogin-suggested-5.1-150200.35.1.x86_64.rpm True update-test-relogin-suggested-5.1-150200.35.1.s390x.rpm True update-test-relogin-suggested-5.1-150200.35.1.ppc64le.rpm True update-test-relogin-suggested-5.1-150200.35.1.aarch64.rpm True openSUSE-SLE-15.4-2022-920 low SUSE Updates openSUSE-SLE 15.4 This is a affects-package-manager test update for SUSE:SLE-15-SP4:Update update-test-affects-package-manager-5.1-150200.35.1.x86_64.rpm True update-test-affects-package-manager-5.1-150200.35.1.s390x.rpm True update-test-affects-package-manager-5.1-150200.35.1.ppc64le.rpm True update-test-affects-package-manager-5.1-150200.35.1.aarch64.rpm True openSUSE-SLE-15.4-2022-921 low SUSE Updates openSUSE-SLE 15.4 This is a retracted test update for SUSE:SLE-15-SP4:Update update-test-retracted-5.1-150200.35.1.x86_64.rpm update-test-retracted-5.1-150200.35.1.s390x.rpm update-test-retracted-5.1-150200.35.1.ppc64le.rpm update-test-retracted-5.1-150200.35.1.aarch64.rpm openSUSE-SLE-15.4-2022-922 low SUSE Updates openSUSE-SLE 15.4 This is a optional test update for SUSE:SLE-15-SP4:Update update-test-optional-5.1-150200.35.1.x86_64.rpm update-test-optional-5.1-150200.35.1.s390x.rpm update-test-optional-5.1-150200.35.1.ppc64le.rpm update-test-optional-5.1-150200.35.1.aarch64.rpm openSUSE-SLE-15.4-2022-923 important SUSE Updates openSUSE-SLE 15.4 This is a security test update for SUSE:SLE-15-SP4:Update update-test-security-5.1-150200.35.1.x86_64.rpm update-test-security-5.1-150200.35.1.s390x.rpm update-test-security-5.1-150200.35.1.ppc64le.rpm update-test-security-5.1-150200.35.1.aarch64.rpm openSUSE-SLE-15.4-2022-924 low SUSE Updates openSUSE-SLE 15.4 This is a trivial test update for SUSE:SLE-15-SP4:Update update-test-trivial-5.1-150200.35.1.src.rpm update-test-trivial-5.1-150200.35.1.x86_64.rpm update-test-trivial-5.1-150200.35.1.s390x.rpm update-test-trivial-5.1-150200.35.1.ppc64le.rpm update-test-trivial-5.1-150200.35.1.aarch64.rpm openSUSE-SLE-15.4-2022-925 low SUSE Updates openSUSE-SLE 15.4 This is a feature test update for SUSE:SLE-15-SP4:Update update-test-feature-5.1-150200.35.1.x86_64.rpm update-test-feature-5.1-150200.35.1.s390x.rpm update-test-feature-5.1-150200.35.1.ppc64le.rpm update-test-feature-5.1-150200.35.1.aarch64.rpm openSUSE-SLE-15.4-2022-926 low SUSE Updates openSUSE-SLE 15.4 This is a reboot-needed test update for SUSE:SLE-15-SP4:Update update-test-reboot-needed-5.1-150200.35.1.x86_64.rpm True update-test-reboot-needed-5.1-150200.35.1.s390x.rpm True update-test-reboot-needed-5.1-150200.35.1.ppc64le.rpm True update-test-reboot-needed-5.1-150200.35.1.aarch64.rpm True openSUSE-SLE-15.4-2022-927 low SUSE Updates openSUSE-SLE 15.4 This is a interactive test update for SUSE:SLE-15-SP4:Update Is this message visible? update-test-interactive-5.1-150200.35.1.x86_64.rpm update-test-interactive-5.1-150200.35.1.s390x.rpm update-test-interactive-5.1-150200.35.1.ppc64le.rpm update-test-interactive-5.1-150200.35.1.aarch64.rpm openSUSE-SLE-15.4-2022-1281 moderate SUSE Updates openSUSE-SLE 15.4 This update for libtirpc fixes the following issues: - Add option to enforce connection via protocol version 2 first (bsc#1196647) libtirpc-1.2.6-150300.3.3.1.src.rpm libtirpc-devel-1.2.6-150300.3.3.1.x86_64.rpm libtirpc-netconfig-1.2.6-150300.3.3.1.x86_64.rpm libtirpc3-1.2.6-150300.3.3.1.x86_64.rpm libtirpc3-32bit-1.2.6-150300.3.3.1.x86_64.rpm libtirpc-devel-1.2.6-150300.3.3.1.s390x.rpm libtirpc-netconfig-1.2.6-150300.3.3.1.s390x.rpm libtirpc3-1.2.6-150300.3.3.1.s390x.rpm libtirpc-devel-1.2.6-150300.3.3.1.ppc64le.rpm libtirpc-netconfig-1.2.6-150300.3.3.1.ppc64le.rpm libtirpc3-1.2.6-150300.3.3.1.ppc64le.rpm libtirpc-devel-1.2.6-150300.3.3.1.aarch64.rpm libtirpc-netconfig-1.2.6-150300.3.3.1.aarch64.rpm libtirpc3-1.2.6-150300.3.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-1155 moderate SUSE Updates openSUSE-SLE 15.4 This update for fence-agents fixes the following issues: - Give users the options to timeout while waiting for pending resets and allows them to run a follow command if the reset fails (bsc#1196350) fence-agents-4.9.0+git.1624456340.8d746be9-150300.3.8.1.src.rpm fence-agents-4.9.0+git.1624456340.8d746be9-150300.3.8.1.x86_64.rpm fence-agents-amt_ws-4.9.0+git.1624456340.8d746be9-150300.3.8.1.x86_64.rpm fence-agents-devel-4.9.0+git.1624456340.8d746be9-150300.3.8.1.x86_64.rpm fence-agents-4.9.0+git.1624456340.8d746be9-150300.3.8.1.s390x.rpm fence-agents-amt_ws-4.9.0+git.1624456340.8d746be9-150300.3.8.1.s390x.rpm fence-agents-devel-4.9.0+git.1624456340.8d746be9-150300.3.8.1.s390x.rpm fence-agents-4.9.0+git.1624456340.8d746be9-150300.3.8.1.ppc64le.rpm fence-agents-amt_ws-4.9.0+git.1624456340.8d746be9-150300.3.8.1.ppc64le.rpm fence-agents-devel-4.9.0+git.1624456340.8d746be9-150300.3.8.1.ppc64le.rpm fence-agents-4.9.0+git.1624456340.8d746be9-150300.3.8.1.aarch64.rpm fence-agents-amt_ws-4.9.0+git.1624456340.8d746be9-150300.3.8.1.aarch64.rpm fence-agents-devel-4.9.0+git.1624456340.8d746be9-150300.3.8.1.aarch64.rpm openSUSE-SLE-15.4-2022-1150 moderate SUSE Updates openSUSE-SLE 15.4 This update for suse-build-key fixes the following issues: No longer install 1024bit keys by default. (bsc#1197293) - The SLE11 key has been moved to documentation directory, and is obsoleted / removed by the package. - The old PTF (pre March 2022) key moved to documentation directory. suse-build-key-12.0-150000.8.22.1.noarch.rpm suse-build-key-12.0-150000.8.22.1.src.rpm openSUSE-SLE-15.4-2022-1029 important SUSE Updates openSUSE-SLE 15.4 This update for openvpn fixes the following issues: - CVE-2022-0547: Fixed possible authentication bypass in external authentication plug-in (bsc#1197341). openvpn-2.4.3-150000.5.10.1.aarch64.rpm openvpn-2.4.3-150000.5.10.1.src.rpm openvpn-auth-pam-plugin-2.4.3-150000.5.10.1.aarch64.rpm openvpn-devel-2.4.3-150000.5.10.1.aarch64.rpm openvpn-down-root-plugin-2.4.3-150000.5.10.1.aarch64.rpm openSUSE-SLE-15.4-2022-1061 important SUSE Updates openSUSE-SLE 15.4 This update for zlib fixes the following issues: - CVE-2018-25032: Fixed memory corruption on deflate (bsc#1197459). libminizip1-1.2.11-150000.3.30.1.x86_64.rpm libminizip1-32bit-1.2.11-150000.3.30.1.x86_64.rpm libz1-1.2.11-150000.3.30.1.x86_64.rpm libz1-32bit-1.2.11-150000.3.30.1.x86_64.rpm minizip-devel-1.2.11-150000.3.30.1.x86_64.rpm zlib-1.2.11-150000.3.30.1.src.rpm zlib-devel-1.2.11-150000.3.30.1.x86_64.rpm zlib-devel-32bit-1.2.11-150000.3.30.1.x86_64.rpm zlib-devel-static-1.2.11-150000.3.30.1.x86_64.rpm zlib-devel-static-32bit-1.2.11-150000.3.30.1.x86_64.rpm libminizip1-1.2.11-150000.3.30.1.s390x.rpm libz1-1.2.11-150000.3.30.1.s390x.rpm minizip-devel-1.2.11-150000.3.30.1.s390x.rpm zlib-devel-1.2.11-150000.3.30.1.s390x.rpm zlib-devel-static-1.2.11-150000.3.30.1.s390x.rpm libminizip1-1.2.11-150000.3.30.1.ppc64le.rpm libz1-1.2.11-150000.3.30.1.ppc64le.rpm minizip-devel-1.2.11-150000.3.30.1.ppc64le.rpm zlib-devel-1.2.11-150000.3.30.1.ppc64le.rpm zlib-devel-static-1.2.11-150000.3.30.1.ppc64le.rpm libminizip1-1.2.11-150000.3.30.1.aarch64.rpm libz1-1.2.11-150000.3.30.1.aarch64.rpm minizip-devel-1.2.11-150000.3.30.1.aarch64.rpm zlib-devel-1.2.11-150000.3.30.1.aarch64.rpm zlib-devel-static-1.2.11-150000.3.30.1.aarch64.rpm openSUSE-SLE-15.4-2022-1092 critical SUSE Updates openSUSE-SLE 15.4 This update for cloud-regionsrv-client fixes the following issues: - Update to version 10.0.2 + Fix name of logfile in error message + Fix variable scoping to properly detect registration error + Cleanup any artifacts on registration failure + Fix latent bug with /etc/hosts population + Do not throw error when attemting to unregister a system that is not registered + Skip extension registration if the extension is recommended by the baseproduct as it gets automatically installed - Update to version 10.0.1 (bsc#1197113) + Provide status feedback on registration, success or failure + Log warning message if data provider is configured but no data can be retrieved - Update -addon-azure to 1.0.3 follow up fix for (bsc#1195414, bsc#1195564) + The repo enablement timer cannot depend on 'guestregister.service' cloud-regionsrv-client-10.0.2-150000.6.65.1.noarch.rpm cloud-regionsrv-client-10.0.2-150000.6.65.1.src.rpm cloud-regionsrv-client-addon-azure-1.0.3-150000.6.65.1.noarch.rpm cloud-regionsrv-client-generic-config-1.0.0-150000.6.65.1.noarch.rpm cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.65.1.noarch.rpm cloud-regionsrv-client-plugin-ec2-1.0.2-150000.6.65.1.noarch.rpm cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.65.1.noarch.rpm openSUSE-SLE-15.4-2022-1170 moderate SUSE Updates openSUSE-SLE 15.4 This update for systemd fixes the following issues: - Fix the default target when it's been incorrectly set to one of the runlevel targets (bsc#1196567) - When migrating from sysvinit to systemd (it probably won't happen anymore), let's use the default systemd target, which is the graphical.target one. - Don't open /var journals in volatile mode when runtime_journal==NULL - udev: 60-persistent-storage-tape.rules: handle duplicate device ID (bsc#1195529) - man: tweak description of auto/noauto (bsc#1191502) - shared/install: ignore failures for auxiliary files - install: make UnitFileChangeType enum anonymous - shared/install: reduce scope of iterator variables - systemd-coredump: allow setting external core size to infinity (bsc#1195899 jsc#SLE-23867) - Update s390 udev rules conversion script to include the case when the legacy rule was also 41-* (bsc#1195247) - Drop or soften some of the deprecation warnings (bsc#1193086) libudev-devel-246.16-150300.7.42.1.x86_64.rpm True libudev-devel-32bit-246.16-150300.7.42.1.x86_64.rpm True nss-mymachines-246.16-150300.7.42.1.x86_64.rpm True nss-mymachines-32bit-246.16-150300.7.42.1.x86_64.rpm True nss-resolve-246.16-150300.7.42.1.x86_64.rpm True systemd-246.16-150300.7.42.1.src.rpm True systemd-logger-246.16-150300.7.42.1.x86_64.rpm True libudev-devel-246.16-150300.7.42.1.s390x.rpm True nss-mymachines-246.16-150300.7.42.1.s390x.rpm True nss-resolve-246.16-150300.7.42.1.s390x.rpm True systemd-logger-246.16-150300.7.42.1.s390x.rpm True libudev-devel-246.16-150300.7.42.1.ppc64le.rpm True nss-mymachines-246.16-150300.7.42.1.ppc64le.rpm True nss-resolve-246.16-150300.7.42.1.ppc64le.rpm True systemd-logger-246.16-150300.7.42.1.ppc64le.rpm True libudev-devel-246.16-150300.7.42.1.aarch64.rpm True nss-mymachines-246.16-150300.7.42.1.aarch64.rpm True nss-resolve-246.16-150300.7.42.1.aarch64.rpm True systemd-logger-246.16-150300.7.42.1.aarch64.rpm True openSUSE-SLE-15.4-2022-1204 moderate SUSE Updates openSUSE-SLE 15.4 This update for hwdata fixes the following issues: - Updated pci, usb and vendor ids (bsc#1196332) hwdata-0.357-150000.3.42.1.noarch.rpm hwdata-0.357-150000.3.42.1.src.rpm openSUSE-SLE-15.4-2022-1145 moderate SUSE Updates openSUSE-SLE 15.4 This update for tcmu-runner fixes the following issues: - fix g_object_unref: assertion 'G_IS_OBJECT (object)' failed. (bsc#1196787) libtcmu2-1.5.2-150200.2.7.1.aarch64.rpm tcmu-runner-1.5.2-150200.2.7.1.aarch64.rpm tcmu-runner-1.5.2-150200.2.7.1.src.rpm tcmu-runner-handler-rbd-1.5.2-150200.2.7.1.aarch64.rpm openSUSE-SLE-15.4-2022-1146 moderate SUSE Updates openSUSE-SLE 15.4 This update for reload4j fixes the following issues: This update provides reload4j 1.2.19, a upstream supported drop-in replace of log4j 1.2.x, which is declared EOL upstream. Additional changes: - Some projects using log4j12 expect the org.apache.log4j.MDC class to have internal boolean variable java1. We add it there just to avoid runtime incompatibilities as a log4j12 drop-in replacement. - Add Provides and Obsoletes to the javadoc package in order to transition smoothly out of log4j12-javadoc and log4j12-manual reload4j-1.2.19-150200.5.3.1.noarch.rpm reload4j-1.2.19-150200.5.3.1.src.rpm reload4j-javadoc-1.2.19-150200.5.3.1.noarch.rpm openSUSE-SLE-15.4-2022-1148 important SUSE Updates openSUSE-SLE 15.4 This update for libexif fixes the following issues: - CVE-2020-0181: Fixed an integer overflow that could lead to denial of service (bsc#1172802). - CVE-2020-0198: Fixed and unsigned integer overflow that could lead to denial of service (bsc#1172768). - CVE-2020-0452: Fixed a buffer overflow check that could be optimized away by the compiler (bsc#1178479). libexif-0.6.22-150000.5.9.1.src.rpm libexif-devel-0.6.22-150000.5.9.1.x86_64.rpm libexif-devel-32bit-0.6.22-150000.5.9.1.x86_64.rpm libexif12-0.6.22-150000.5.9.1.x86_64.rpm libexif12-32bit-0.6.22-150000.5.9.1.x86_64.rpm libexif-devel-0.6.22-150000.5.9.1.s390x.rpm libexif12-0.6.22-150000.5.9.1.s390x.rpm libexif-devel-0.6.22-150000.5.9.1.ppc64le.rpm libexif12-0.6.22-150000.5.9.1.ppc64le.rpm libexif-devel-0.6.22-150000.5.9.1.aarch64.rpm libexif12-0.6.22-150000.5.9.1.aarch64.rpm openSUSE-SLE-15.4-2022-1126 moderate SUSE Updates openSUSE-SLE 15.4 This update for nfs-utils fixes the following issues: - Ensure `sloppy` is added correctly for newer kernels. (bsc#1197297) * This is required for kernels since 5.6 (like in SUSE Linux Enterprise 15 SP4), and it's safe for all kernels. - Fix the source build with new `glibc` like in SUSE Linux Enterprise 15 SP4. (bsc#1197788) nfs-client-2.1.1-150100.10.24.1.x86_64.rpm nfs-doc-2.1.1-150100.10.24.1.x86_64.rpm nfs-kernel-server-2.1.1-150100.10.24.1.x86_64.rpm nfs-utils-2.1.1-150100.10.24.1.src.rpm nfs-client-2.1.1-150100.10.24.1.s390x.rpm nfs-doc-2.1.1-150100.10.24.1.s390x.rpm nfs-kernel-server-2.1.1-150100.10.24.1.s390x.rpm nfs-client-2.1.1-150100.10.24.1.ppc64le.rpm nfs-doc-2.1.1-150100.10.24.1.ppc64le.rpm nfs-kernel-server-2.1.1-150100.10.24.1.ppc64le.rpm nfs-client-2.1.1-150100.10.24.1.aarch64.rpm nfs-doc-2.1.1-150100.10.24.1.aarch64.rpm nfs-kernel-server-2.1.1-150100.10.24.1.aarch64.rpm openSUSE-SLE-15.4-2022-1124 low SUSE Updates openSUSE-SLE 15.4 This update for compat-libpthread-nonshared fixes the following issues: - Also build s390x version (bsc#1197272) compat-libpthread-nonshared-0-150300.3.6.1.src.rpm compat-libpthread-nonshared-0-150300.3.6.1.x86_64.rpm compat-libpthread-nonshared-32bit-0-150300.3.6.1.x86_64.rpm openSUSE-SLE-15.4-2022-1252 important SUSE Updates openSUSE-SLE 15.4 This update for openjpeg2 fixes the following issues: - CVE-2018-5727: Fixed integer overflow vulnerability in theopj_t1_encode_cblks function (bsc#1076314). - CVE-2018-5785: Fixed integer overflow caused by an out-of-bounds leftshift in the opj_j2k_setup_encoder function (bsc#1076967). - CVE-2018-6616: Fixed excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c (bsc#1079845). - CVE-2018-14423: Fixed division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl,and pi_next_rpcl in lib/openjp3d/pi.c (bsc#1102016). - CVE-2018-16375: Fixed missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c (bsc#1106882). - CVE-2018-16376: Fixed heap-based buffer overflow function t2_encode_packet in lib/openmj2/t2.c (bsc#1106881). - CVE-2018-20845: Fixed division-by-zero in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in openmj2/pi.ci (bsc#1140130). - CVE-2020-6851: Fixed heap-based buffer overflow in opj_t1_clbl_decode_processor (bsc#1160782). - CVE-2020-8112: Fixed heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c (bsc#1162090). - CVE-2020-15389: Fixed use-after-free if t a mix of valid and invalid files in a directory operated on by the decompressor (bsc#1173578). - CVE-2020-27823: Fixed heap buffer over-write in opj_tcd_dc_level_shift_encode() (bsc#1180457). - CVE-2021-29338: Fixed integer overflow that allows remote attackers to crash the application (bsc#1184774). - CVE-2022-1122: Fixed segmentation fault in opj2_decompress due to uninitialized pointer (bsc#1197738). libopenjp2-7-2.3.0-150000.3.5.1.x86_64.rpm libopenjp2-7-32bit-2.3.0-150000.3.5.1.x86_64.rpm openjpeg2-2.3.0-150000.3.5.1.src.rpm openjpeg2-2.3.0-150000.3.5.1.x86_64.rpm openjpeg2-devel-2.3.0-150000.3.5.1.x86_64.rpm libopenjp2-7-2.3.0-150000.3.5.1.s390x.rpm openjpeg2-2.3.0-150000.3.5.1.s390x.rpm openjpeg2-devel-2.3.0-150000.3.5.1.s390x.rpm libopenjp2-7-2.3.0-150000.3.5.1.ppc64le.rpm openjpeg2-2.3.0-150000.3.5.1.ppc64le.rpm openjpeg2-devel-2.3.0-150000.3.5.1.ppc64le.rpm libopenjp2-7-2.3.0-150000.3.5.1.aarch64.rpm openjpeg2-2.3.0-150000.3.5.1.aarch64.rpm openjpeg2-devel-2.3.0-150000.3.5.1.aarch64.rpm openSUSE-SLE-15.4-2022-1190 important SUSE Updates openSUSE-SLE 15.4 This update for cloud-init contains the following fixes: - Update to version 21.4 (bsc#1192343, jsc#PM-3181) + Also include VMWare functionality for (jsc#PM-3175) + Remove patches included upstream. + Forward port fixes. + Fix for VMware Test, system dependend, not properly mocked previously. + Azure: fallback nic needs to be reevaluated during reprovisioning (#1094) [Anh Vo] + azure: pps imds (#1093) [Anh Vo] + testing: Remove calls to 'install_new_cloud_init' (#1092) + Add LXD datasource (#1040) + Fix unhandled apt_configure case. (#1065) [Brett Holman] + Allow libexec for hotplug (#1088) + Add necessary mocks to test_ovf unit tests (#1087) + Remove (deprecated) apt-key (#1068) [Brett Holman] (LP: #1836336) + distros: Remove a completed "TODO" comment (#1086) + cc_ssh.py: Add configuration for controlling ssh-keygen output (#1083) [dermotbradley] + Add "install hotplug" module (SC-476) (#1069) (LP: #1946003) + hosts.alpine.tmpl: rearrange the order of short and long hostnames (#1084) [dermotbradley] + Add max version to docutils + cloudinit/dmi.py: Change warning to debug to prevent console display (#1082) [dermotbradley] + remove unnecessary EOF string in disable-sshd-keygen-if-cloud-init-active.conf (#1075) [Emanuele Giuseppe Esposito] + Add module 'write-files-deferred' executed in stage 'final' (#916) [Lucendio] + Bump pycloudlib to fix CI (#1080) + Remove pin in dependencies for jsonschema (#1078) + Add "Google" as possible system-product-name (#1077) [vteratipally] + Update Debian security suite for bullseye (#1076) [Johann Queuniet] + Leave the details of service management to the distro (#1074) [Andy Fiddaman] + Fix typos in setup.py (#1059) [Christian Clauss] + Update Azure _unpickle (SC-500) (#1067) (LP: #1946644) + cc_ssh.py: fix private key group owner and permissions (#1070) [Emanuele Giuseppe Esposito] + VMware: read network-config from ISO (#1066) [Thomas Weißschuh] + testing: mock sleep in gce unit tests (#1072) + CloudStack: fix data-server DNS resolution (#1004) [Olivier Lemasle] (LP: #1942232) + Fix unit test broken by pyyaml upgrade (#1071) + testing: add get_cloud function (SC-461) (#1038) + Inhibit sshd-keygen@.service if cloud-init is active (#1028) [Ryan Harper] + VMWARE: search the deployPkg plugin in multiarch dir (#1061) [xiaofengw-vmware] (LP: #1944946) + Fix set-name/interface DNS bug (#1058) [Andrew Kutz] (LP: #1946493) + Use specified tmp location for growpart (#1046) [jshen28] + .gitignore: ignore tags file for ctags users (#1057) [Brett Holman] + Allow comments in runcmd and report failed commands correctly (#1049) [Brett Holman] (LP: #1853146) + tox integration: pass the *_proxy, GOOGLE_*, GCP_* env vars (#1050) [Paride Legovini] + Allow disabling of network activation (SC-307) (#1048) (LP: #1938299) + renderer: convert relative imports to absolute (#1052) [Paride Legovini] + Support ETHx_IP6_GATEWAY, SET_HOSTNAME on OpenNebula (#1045) [Vlastimil Holer] + integration-requirements: bump the pycloudlib commit (#1047) [Paride Legovini] + Allow Vultr to set MTU and use as-is configs (#1037) [eb3095] + pin jsonschema in requirements.txt (#1043) + testing: remove cloud_tests (#1020) + Add andgein as contributor (#1042) [Andrew Gein] + Make wording for module frequency consistent (#1039) [Nicolas Bock] + Use ascii code for growpart (#1036) [jshen28] + Add jshen28 as contributor (#1035) [jshen28] + Skip test_cache_purged_on_version_change on Azure (#1033) + Remove invalid ssh_import_id from examples (#1031) + Cleanup Vultr support (#987) [eb3095] + docs: update cc_disk_setup for fs to raw disk (#1017) + HACKING.rst: change contact info to James Falcon (#1030) + tox: bump the pinned flake8 and pylint version (#1029) [Paride Legovini] (LP: #1944414) + Add retries to DataSourceGCE.py when connecting to GCE (#1005) [vteratipally] + Set Azure to apply networking config every BOOT (#1023) + Add connectivity_url to Oracle's EphemeralDHCPv4 (#988) (LP: #1939603) + docs: fix typo and include sudo for report bugs commands (#1022) [Renan Rodrigo] (LP: #1940236) + VMware: Fix typo introduced in #947 and add test (#1019) [PengpengSun] + Update IPv6 entries in /etc/hosts (#1021) [Richard Hansen] (LP: #1943798) + Integration test upgrades for the 21.3-1 SRU (#1001) + Add Jille to tools/.github-cla-signers (#1016) [Jille Timmermans] + Improve ug_util.py (#1013) [Shreenidhi Shedi] + Support openEuler OS (#1012) [zhuzaifangxuele] + ssh_utils.py: ignore when sshd_config options are not key/value pairs (#1007) [Emanuele Giuseppe Esposito] + Set Azure to only update metadata on BOOT_NEW_INSTANCE (#1006) + cc_update_etc_hosts: Use the distribution-defined path for the hosts file (#983) [Andy Fiddaman] + Add CloudLinux OS support (#1003) [Alexandr Kravchenko] + puppet config: add the start_agent option (#1002) [Andrew Bogott] + Fix `make style-check` errors (#1000) [Shreenidhi Shedi] + Make cloud-id copyright year (#991) [Andrii Podanenko] + Add support to accept-ra in networkd renderer (#999) [Shreenidhi Shedi] + Update ds-identify to pass shellcheck (#979) [Andrew Kutz] + Azure: Retry dhcp on timeouts when polling reprovisiondata (#998) [aswinrajamannar] + testing: Fix ssh keys integration test (#992) - From 21.3 + Azure: During primary nic detection, check interface status continuously before rebinding again (#990) [aswinrajamannar] + Fix home permissions modified by ssh module (SC-338) (#984) (LP: #1940233) + Add integration test for sensitive jinja substitution (#986) + Ignore hotplug socket when collecting logs (#985) (LP: #1940235) + testing: Add missing mocks to test_vmware.py (#982) + add Zadara Edge Cloud Platform to the supported clouds list (#963) [sarahwzadara] + testing: skip upgrade tests on LXD VMs (#980) + Only invoke hotplug socket when functionality is enabled (#952) + Revert unnecesary lcase in ds-identify (#978) [Andrew Kutz] + cc_resolv_conf: fix typos (#969) [Shreenidhi Shedi] + Replace broken httpretty tests with mock (SC-324) (#973) + Azure: Check if interface is up after sleep when trying to bring it up (#972) [aswinrajamannar] + Update dscheck_VMware's rpctool check (#970) [Shreenidhi Shedi] + Azure: Logging the detected interfaces (#968) [Moustafa Moustafa] + Change netifaces dependency to 0.10.4 (#965) [Andrew Kutz] + Azure: Limit polling network metadata on connection errors (#961) [aswinrajamannar] + Update inconsistent indentation (#962) [Andrew Kutz] + cc_puppet: support AIO installations and more (#960) [Gabriel Nagy] + Add Puppet contributors to CLA signers (#964) [Noah Fontes] + Datasource for VMware (#953) [Andrew Kutz] + photon: refactor hostname handling and add networkd activator (#958) [sshedi] + Stop copying ssh system keys and check folder permissions (#956) [Emanuele Giuseppe Esposito] + testing: port remaining cloud tests to integration testing framework (SC-191) (#955) + generate contents for ovf-env.xml when provisioning via IMDS (#959) [Anh Vo] + Add support for EuroLinux 7 && EuroLinux 8 (#957) [Aleksander Baranowski] + Implementing device_aliases as described in docs (#945) [Mal Graty] (LP: #1867532) + testing: fix test_ssh_import_id.py (#954) + Add ability to manage fallback network config on PhotonOS (#941) [sshedi] + Add VZLinux support (#951) [eb3095] + VMware: add network-config support in ovf-env.xml (#947) [PengpengSun] + Update pylint to v2.9.3 and fix the new issues it spots (#946) [Paride Legovini] + Azure: mount default provisioning iso before try device listing (#870) [Anh Vo] + Document known hotplug limitations (#950) + Initial hotplug support (#936) + Fix MIME policy failure on python version upgrade (#934) + run-container: fixup the centos repos baseurls when using http_proxy (#944) [Paride Legovini] + tools: add support for building rpms on rocky linux (#940) + ssh-util: allow cloudinit to merge all ssh keys into a custom user file, defined in AuthorizedKeysFile (#937) [Emanuele Giuseppe Esposito] (LP: #1911680) + VMware: new "allow_raw_data" switch (#939) [xiaofengw-vmware] + bump pycloudlib version (#935) + add renanrodrigo as a contributor (#938) [Renan Rodrigo] + testing: simplify test_upgrade.py (#932) + freebsd/net_v1 format: read MTU from root (#930) [Gonéri Le Bouder] + Add new network activators to bring up interfaces (#919) + Detect a Python version change and clear the cache (#857) [Robert Schweikert] + cloud_tests: fix the Impish release name (#931) [Paride Legovini] + Removed distro specific network code from Photon (#929) [sshedi] + Add support for VMware PhotonOS (#909) [sshedi] + cloud_tests: add impish release definition (#927) [Paride Legovini] + docs: fix stale links rename master branch to main (#926) + Fix DNS in NetworkState (SC-133) (#923) + tests: Add 'adhoc' mark for integration tests (#925) + Fix the spelling of "DigitalOcean" (#924) [Mark Mercado] + Small Doc Update for ReportEventStack and Test (#920) [Mike Russell] + Replace deprecated collections.Iterable with abc replacement (#922) (LP: #1932048) + testing: OCI availability domain is now required (SC-59) (#910) + add DragonFlyBSD support (#904) [Gonéri Le Bouder] + Use instance-data-sensitive.json in jinja templates (SC-117) (#917) (LP: #1931392) + doc: Update NoCloud docs stating required files (#918) (LP: #1931577) + build-on-netbsd: don't pin a specific py3 version (#913) [Gonéri Le Bouder] + Create the log file with 640 permissions (#858) [Robert Schweikert] + Allow braces to appear in dhclient output (#911) [eb3095] + Docs: Replace all freenode references with libera (#912) + openbsd/net: flush the route table on net restart (#908) [Gonéri Le Bouder] + Add Rocky Linux support to cloud-init (#906) [Louis Abel] + Add "esposem" as contributor (#907) [Emanuele Giuseppe Esposito] + Add integration test for #868 (#901) + Added support for importing keys via primary/security mirror clauses (#882) [Paul Goins] (LP: #1925395) + [examples] config-user-groups expire in the future (#902) [Geert Stappers] + BSD: static network, set the mtu (#894) [Gonéri Le Bouder] + Add integration test for lp-1920939 (#891) + Fix unit tests breaking from new httpretty version (#903) + Allow user control over update events (#834) + Update test characters in substitution unit test (#893) + cc_disk_setup.py: remove UDEVADM_CMD definition as not used (#886) [dermotbradley] + Add AlmaLinux OS support (#872) [Andrew Lukoshko] + Still need to consider the "network" configuration option cloud-init-21.4-150100.8.58.1.src.rpm cloud-init-21.4-150100.8.58.1.x86_64.rpm cloud-init-config-suse-21.4-150100.8.58.1.x86_64.rpm cloud-init-doc-21.4-150100.8.58.1.x86_64.rpm cloud-init-21.4-150100.8.58.1.s390x.rpm cloud-init-config-suse-21.4-150100.8.58.1.s390x.rpm cloud-init-doc-21.4-150100.8.58.1.s390x.rpm cloud-init-21.4-150100.8.58.1.ppc64le.rpm cloud-init-config-suse-21.4-150100.8.58.1.ppc64le.rpm cloud-init-doc-21.4-150100.8.58.1.ppc64le.rpm cloud-init-21.4-150100.8.58.1.aarch64.rpm cloud-init-config-suse-21.4-150100.8.58.1.aarch64.rpm cloud-init-doc-21.4-150100.8.58.1.aarch64.rpm openSUSE-SLE-15.4-2022-1149 important SUSE Updates openSUSE-SLE 15.4 This update for mozilla-nss fixes the following issues: Mozilla NSS 3.68.3 (bsc#1197903): - CVE-2022-1097: Fixed memory safety violations that could occur when PKCS#11 tokens are removed while in use. libfreebl3-3.68.3-150000.3.67.1.x86_64.rpm libfreebl3-32bit-3.68.3-150000.3.67.1.x86_64.rpm libfreebl3-hmac-3.68.3-150000.3.67.1.x86_64.rpm libfreebl3-hmac-32bit-3.68.3-150000.3.67.1.x86_64.rpm libsoftokn3-3.68.3-150000.3.67.1.x86_64.rpm libsoftokn3-32bit-3.68.3-150000.3.67.1.x86_64.rpm libsoftokn3-hmac-3.68.3-150000.3.67.1.x86_64.rpm libsoftokn3-hmac-32bit-3.68.3-150000.3.67.1.x86_64.rpm mozilla-nss-3.68.3-150000.3.67.1.src.rpm mozilla-nss-3.68.3-150000.3.67.1.x86_64.rpm mozilla-nss-32bit-3.68.3-150000.3.67.1.x86_64.rpm mozilla-nss-certs-3.68.3-150000.3.67.1.x86_64.rpm mozilla-nss-certs-32bit-3.68.3-150000.3.67.1.x86_64.rpm mozilla-nss-devel-3.68.3-150000.3.67.1.x86_64.rpm mozilla-nss-sysinit-3.68.3-150000.3.67.1.x86_64.rpm mozilla-nss-sysinit-32bit-3.68.3-150000.3.67.1.x86_64.rpm mozilla-nss-tools-3.68.3-150000.3.67.1.x86_64.rpm libfreebl3-3.68.3-150000.3.67.1.s390x.rpm libfreebl3-hmac-3.68.3-150000.3.67.1.s390x.rpm libsoftokn3-3.68.3-150000.3.67.1.s390x.rpm libsoftokn3-hmac-3.68.3-150000.3.67.1.s390x.rpm mozilla-nss-3.68.3-150000.3.67.1.s390x.rpm mozilla-nss-certs-3.68.3-150000.3.67.1.s390x.rpm mozilla-nss-devel-3.68.3-150000.3.67.1.s390x.rpm mozilla-nss-sysinit-3.68.3-150000.3.67.1.s390x.rpm mozilla-nss-tools-3.68.3-150000.3.67.1.s390x.rpm libfreebl3-3.68.3-150000.3.67.1.ppc64le.rpm libfreebl3-hmac-3.68.3-150000.3.67.1.ppc64le.rpm libsoftokn3-3.68.3-150000.3.67.1.ppc64le.rpm libsoftokn3-hmac-3.68.3-150000.3.67.1.ppc64le.rpm mozilla-nss-3.68.3-150000.3.67.1.ppc64le.rpm mozilla-nss-certs-3.68.3-150000.3.67.1.ppc64le.rpm mozilla-nss-devel-3.68.3-150000.3.67.1.ppc64le.rpm mozilla-nss-sysinit-3.68.3-150000.3.67.1.ppc64le.rpm mozilla-nss-tools-3.68.3-150000.3.67.1.ppc64le.rpm libfreebl3-3.68.3-150000.3.67.1.aarch64.rpm libfreebl3-hmac-3.68.3-150000.3.67.1.aarch64.rpm libsoftokn3-3.68.3-150000.3.67.1.aarch64.rpm libsoftokn3-hmac-3.68.3-150000.3.67.1.aarch64.rpm mozilla-nss-3.68.3-150000.3.67.1.aarch64.rpm mozilla-nss-certs-3.68.3-150000.3.67.1.aarch64.rpm mozilla-nss-devel-3.68.3-150000.3.67.1.aarch64.rpm mozilla-nss-sysinit-3.68.3-150000.3.67.1.aarch64.rpm mozilla-nss-tools-3.68.3-150000.3.67.1.aarch64.rpm openSUSE-SLE-15.4-2022-1127 important SUSE Updates openSUSE-SLE 15.4 This update for MozillaFirefox fixes the following issues: Firefox Extended Support Release 91.8.0 ESR (bsc#1197903): MFSA 2022-14 (bsc#1197903) * CVE-2022-1097: Fixed memory safety violations that could occur when PKCS#11 tokens are removed while in use * CVE-2022-28281: Fixed an out of bounds write due to unexpected WebAuthN Extensions * CVE-2022-1196: Fixed a use-after-free after VR Process destruction * CVE-2022-28282: Fixed a use-after-free in DocumentL10n::TranslateDocument * CVE-2022-28285: Fixed incorrect AliasSet used in JIT Codegen * CVE-2022-28286: Fixed that iframe contents could be rendered outside the border * CVE-2022-24713: Fixed a denial of service via complex regular expressions * CVE-2022-28289: Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8 The following non-security bugs were fixed: - Adjust rust dependency for SP3 and later. TW uses always the newest version of rust, but we don't, so we can't use the rust+cargo notation, which would need both < and >= requirements. (bsc#1197698) MozillaFirefox-91.8.0-150200.152.26.1.src.rpm MozillaFirefox-91.8.0-150200.152.26.1.x86_64.rpm MozillaFirefox-branding-upstream-91.8.0-150200.152.26.1.x86_64.rpm MozillaFirefox-devel-91.8.0-150200.152.26.1.x86_64.rpm MozillaFirefox-translations-common-91.8.0-150200.152.26.1.x86_64.rpm MozillaFirefox-translations-other-91.8.0-150200.152.26.1.x86_64.rpm MozillaFirefox-91.8.0-150200.152.26.1.s390x.rpm MozillaFirefox-branding-upstream-91.8.0-150200.152.26.1.s390x.rpm MozillaFirefox-devel-91.8.0-150200.152.26.1.s390x.rpm MozillaFirefox-translations-common-91.8.0-150200.152.26.1.s390x.rpm MozillaFirefox-translations-other-91.8.0-150200.152.26.1.s390x.rpm MozillaFirefox-91.8.0-150200.152.26.1.ppc64le.rpm MozillaFirefox-branding-upstream-91.8.0-150200.152.26.1.ppc64le.rpm MozillaFirefox-devel-91.8.0-150200.152.26.1.ppc64le.rpm MozillaFirefox-translations-common-91.8.0-150200.152.26.1.ppc64le.rpm MozillaFirefox-translations-other-91.8.0-150200.152.26.1.ppc64le.rpm MozillaFirefox-91.8.0-150200.152.26.1.aarch64.rpm MozillaFirefox-branding-upstream-91.8.0-150200.152.26.1.aarch64.rpm MozillaFirefox-devel-91.8.0-150200.152.26.1.aarch64.rpm MozillaFirefox-translations-common-91.8.0-150200.152.26.1.aarch64.rpm MozillaFirefox-translations-other-91.8.0-150200.152.26.1.aarch64.rpm openSUSE-SLE-15.4-2022-1167 important SUSE Updates openSUSE-SLE 15.4 This update for go1.17 fixes the following issues: Update to version 1.17.8 (bsc#1190649): - CVE-2022-24921: Fixed a potential denial of service via large regular expressions (bsc#1196732). Non-security fixes: - Fixed an issue with v2 modules (go#51332). - Fixed an issue when building source in riscv64 (go#51199). - Increased compatibility for the DNS protocol in the net module (go#51162). - Fixed an issue with histograms in the runtime/metrics module (go#50734). - Fixed an issue when parsing x509 certificates (go#51000). go1.17-1.17.8-150000.1.25.1.src.rpm go1.17-1.17.8-150000.1.25.1.x86_64.rpm go1.17-doc-1.17.8-150000.1.25.1.x86_64.rpm go1.17-race-1.17.8-150000.1.25.1.x86_64.rpm go1.17-1.17.8-150000.1.25.1.s390x.rpm go1.17-doc-1.17.8-150000.1.25.1.s390x.rpm go1.17-1.17.8-150000.1.25.1.ppc64le.rpm go1.17-doc-1.17.8-150000.1.25.1.ppc64le.rpm go1.17-1.17.8-150000.1.25.1.aarch64.rpm go1.17-doc-1.17.8-150000.1.25.1.aarch64.rpm go1.17-race-1.17.8-150000.1.25.1.aarch64.rpm openSUSE-SLE-15.4-2022-1164 important SUSE Updates openSUSE-SLE 15.4 This update for go1.16 fixes the following issues: Update to version 1.16.15 (bsc#1182345): - CVE-2022-24921: Fixed a potential denial of service via large regular expressions (bsc#1196732). Non-security fixes: - Fixed an issue with v2 modules (go#51331). - Fixed an issue when building source in riscv64 (go#51198). - Increased compatibility for the DNS protocol in the net module (go#51161). - Fixed an issue with histograms in the runtime/metrics module (go#50733). go1.16-1.16.15-150000.1.46.1.src.rpm go1.16-1.16.15-150000.1.46.1.x86_64.rpm go1.16-doc-1.16.15-150000.1.46.1.x86_64.rpm go1.16-race-1.16.15-150000.1.46.1.x86_64.rpm go1.16-1.16.15-150000.1.46.1.s390x.rpm go1.16-doc-1.16.15-150000.1.46.1.s390x.rpm go1.16-1.16.15-150000.1.46.1.ppc64le.rpm go1.16-doc-1.16.15-150000.1.46.1.ppc64le.rpm go1.16-1.16.15-150000.1.46.1.aarch64.rpm go1.16-doc-1.16.15-150000.1.46.1.aarch64.rpm go1.16-race-1.16.15-150000.1.46.1.aarch64.rpm openSUSE-SLE-15.4-2022-1256 important SUSE Updates openSUSE-SLE 15.4 The SUSE Linux Enterprise 15 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: - CVE-2022-28356: Fixed a refcount leak bug in net/llc/af_llc.c (bnc#1197391). - CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution (bsc#1197227). - CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c vulnerability in the Linux kernel (bnc#1198032). - CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c vulnerability in the Linux kernel (bnc#1198033). - CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c vulnerability in the Linux kernel (bnc#1198031). - CVE-2022-0812: Fixed an incorrect header size calculations in xprtrdma (bsc#1196639). - CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock (bsc#1197331). - CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c (bsc#1196761). - CVE-2022-26966: Fixed an issue in drivers/net/usb/sr9700.c, which allowed attackers to obtain sensitive information from the memory via crafted frame lengths from a USB device (bsc#1196836). - CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c which could lead to an use-after-free if there is a corrupted quota file (bnc#1197366). - CVE-2021-39713: Fixed a race condition in the network scheduling subsystem which could lead to a use-after-free (bsc#1196973). - CVE-2022-23036,CVE-2022-23037,CVE-2022-23038,CVE-2022-23039,CVE-2022-23040,CVE-2022-23041,CVE-2022-23042: Fixed multiple issues which could have lead to read/write access to memory pages or denial of service. These issues are related to the Xen PV device frontend drivers (bsc#1196488). - CVE-2022-26490: Fixed a buffer overflow in the st21nfca driver. An attacker with adjacent NFC access could trigger crash the system or corrupt system memory (bsc#1196830). The following non-security bugs were fixed: - ax88179_178a: Fixed memory issues that could be triggered by malicious USB devices (bsc#1196018). - genirq: Use rcu in kstat_irqs_usr() (bsc#1193738). - gve/net: Fixed multiple bugfixes (jsc#SLE-23652). - net/mlx5e: Fix page DMA map/unmap attributes (bsc#1196468). - net: tipc: validate domain record count on input (bsc#1195254). - powerpc: Fixed issues related to slow I/O on PowerPC (bsc#1196433). kernel-debug-4.12.14-150100.197.111.1.nosrc.rpm True kernel-debug-base-4.12.14-150100.197.111.1.x86_64.rpm True kernel-default-4.12.14-150100.197.111.1.nosrc.rpm True kernel-kvmsmall-4.12.14-150100.197.111.1.nosrc.rpm True kernel-kvmsmall-base-4.12.14-150100.197.111.1.x86_64.rpm True kernel-vanilla-4.12.14-150100.197.111.1.nosrc.rpm True kernel-vanilla-4.12.14-150100.197.111.1.x86_64.rpm True kernel-vanilla-base-4.12.14-150100.197.111.1.x86_64.rpm True kernel-vanilla-devel-4.12.14-150100.197.111.1.x86_64.rpm True kernel-vanilla-livepatch-devel-4.12.14-150100.197.111.1.x86_64.rpm True kernel-default-man-4.12.14-150100.197.111.1.s390x.rpm True kernel-vanilla-4.12.14-150100.197.111.1.s390x.rpm True kernel-vanilla-base-4.12.14-150100.197.111.1.s390x.rpm True kernel-vanilla-devel-4.12.14-150100.197.111.1.s390x.rpm True kernel-vanilla-livepatch-devel-4.12.14-150100.197.111.1.s390x.rpm True kernel-zfcpdump-4.12.14-150100.197.111.1.nosrc.rpm True kernel-zfcpdump-man-4.12.14-150100.197.111.1.s390x.rpm True kernel-debug-base-4.12.14-150100.197.111.1.ppc64le.rpm True kernel-vanilla-4.12.14-150100.197.111.1.ppc64le.rpm True kernel-vanilla-base-4.12.14-150100.197.111.1.ppc64le.rpm True kernel-vanilla-devel-4.12.14-150100.197.111.1.ppc64le.rpm True kernel-vanilla-livepatch-devel-4.12.14-150100.197.111.1.ppc64le.rpm True kernel-vanilla-4.12.14-150100.197.111.1.aarch64.rpm True kernel-vanilla-base-4.12.14-150100.197.111.1.aarch64.rpm True kernel-vanilla-devel-4.12.14-150100.197.111.1.aarch64.rpm True kernel-vanilla-livepatch-devel-4.12.14-150100.197.111.1.aarch64.rpm True openSUSE-SLE-15.4-2022-1253 moderate SUSE Updates openSUSE-SLE 15.4 This update for helm delivers helm 3.8.0 to the Containers module. helm-3.8.0-150000.1.3.1.src.rpm helm-3.8.0-150000.1.3.1.x86_64.rpm helm-bash-completion-3.8.0-150000.1.3.1.noarch.rpm helm-zsh-completion-3.8.0-150000.1.3.1.noarch.rpm helm-3.8.0-150000.1.3.1.s390x.rpm helm-3.8.0-150000.1.3.1.ppc64le.rpm helm-3.8.0-150000.1.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-1183 important SUSE Updates openSUSE-SLE 15.4 The SUSE Linux Enterprise 15 SP3 kernel was updated. The following security bugs were fixed: - CVE-2022-0854: Fixed a memory leak flaw was found in the Linux kernels DMA subsystem. This flaw allowed a local user to read random memory from the kernel space. (bnc#1196823) - CVE-2022-1016: Fixed a vulnerability in the nf_tables component of the netfilter subsystem. This vulnerability gives an attacker a powerful primitive that can be used to both read from and write to relative stack data, which can lead to arbitrary code execution. (bsc#1197227) - CVE-2022-28390: Fixed a double free in drivers/net/can/usb/ems_usb.c vulnerability in the Linux kernel. (bnc#1198031) - CVE-2022-28388: Fixed a double free in drivers/net/can/usb/usb_8dev.c vulnerability in the Linux kernel. (bnc#1198032) - CVE-2022-28389: Fixed a double free in drivers/net/can/usb/mcba_usb.c vulnerability in the Linux kernel. (bnc#1198033) - CVE-2022-1055: Fixed a use-after-free in tc_new_tfilter that could allow a local attacker to gain privilege escalation. (bnc#1197702) - CVE-2022-1048: Fixed a race Condition in snd_pcm_hw_free leading to use-after-free due to the AB/BA lock with buffer_mutex and mmap_lock. (bsc#1197331) - CVE-2021-45868: Fixed a wrong validation check in fs/quota/quota_tree.c which could lead to an use-after-free if there is a corrupted quota file. (bnc#1197366) - CVE-2022-27666: Fixed a buffer overflow vulnerability in IPsec ESP transformation code. This flaw allowed a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation. (bnc#1197462) - CVE-2022-0850: Fixed a kernel information leak vulnerability in iov_iter.c. (bsc#1196761) - CVE-2022-1199: Fixed null-ptr-deref and use-after-free vulnerabilities that allow an attacker to crash the linux kernel by simulating Amateur Radio. (bsc#1198028) - CVE-2022-1205: Fixed null pointer dereference and use-after-free vulnerabilities that allow an attacker to crash the linux kernel by simulating Amateur Radio. (bsc#1198027) - CVE-2022-1198: Fixed an use-after-free vulnerability that allow an attacker to crash the linux kernel by simulating Amateur Radio (bsc#1198030). - CVE-2022-1195: Fixed an use-after-free vulnerability which could allow a local attacker with a user privilege to execute a denial of service. (bsc#1198029) - CVE-2022-1011: Fixed an use-after-free vulnerability which could allow a local attacker to retireve (partial) /etc/shadow hashes or any other data from filesystem when he can mount a FUSE filesystems. (bnc#1197343) The following non-security bugs were fixed: - ACPI / x86: Work around broken XSDT on Advantech DAC-BJ01 board (git-fixes). - ACPI: APEI: fix return value of __setup handlers (git-fixes). - ACPI: battery: Add device HID and quirk for Microsoft Surface Go 3 (git-fixes). - ACPI: CPPC: Avoid out of bounds access when parsing _CPC data (git-fixes). - ACPI: docs: enumeration: Discourage to use custom _DSM methods (git-fixes). - ACPI: docs: enumeration: Remove redundant .owner assignment (git-fixes). - ACPI: docs: enumeration: Update UART serial bus resource documentation (git-fixes). - ACPI: properties: Consistently return -ENOENT if there are no more references (git-fixes). - ACPI: video: Force backlight native for Clevo NL5xRU and NL5xNU (git-fixes). - ALSA: cmipci: Restore aux vol on suspend/resume (git-fixes). - ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction (git-fixes). - ALSA: hda/realtek - Fix headset mic problem for a HP machine with alc671 (git-fixes). - ALSA: hda/realtek: Add quirk for ASUS GA402 (git-fixes). - ALSA: oss: Fix PCM OSS buffer allocation overflow (git-fixes). - ALSA: pci: fix reading of swapped values from pcmreg in AC97 codec (git-fixes). - ALSA: pcm: Add stream lock during PCM reset ioctl operations (git-fixes). - ALSA: spi: Add check for clk_enable() (git-fixes). - ALSA: usb-audio: Add mute TLV for playback volumes on RODE NT-USB (git-fixes). - ASoC: atmel_ssc_dai: Handle errors for clk_enable (git-fixes). - ASoC: atmel: Add missing of_node_put() in at91sam9g20ek_audio_probe (git-fixes). - ASoC: codecs: wcd934x: Add missing of_node_put() in wcd934x_codec_parse_data (git-fixes). - ASoC: codecs: wcd934x: fix return value of wcd934x_rx_hph_mode_put (git-fixes). - ASoC: dmaengine: do not use a NULL prepare_slave_config() callback (git-fixes). - ASoC: dwc-i2s: Handle errors for clk_enable (git-fixes). - ASoC: fsi: Add check for clk_enable (git-fixes). - ASoC: fsl_spdif: Disable TX clock when stop (git-fixes). - ASoC: imx-es8328: Fix error return code in imx_es8328_probe() (git-fixes). - ASoC: msm8916-wcd-analog: Fix error handling in pm8916_wcd_analog_spmi_probe (git-fixes). - ASoC: msm8916-wcd-digital: Fix missing clk_disable_unprepare() in msm8916_wcd_digital_probe (git-fixes). - ASoC: mxs-saif: Handle errors for clk_enable (git-fixes). - ASoC: mxs: Fix error handling in mxs_sgtl5000_probe (git-fixes). - ASoC: rt5663: check the return value of devm_kzalloc() in rt5663_parse_dp() (git-fixes). - ASoC: SOF: Add missing of_node_put() in imx8m_probe (git-fixes). - ASoC: SOF: topology: remove redundant code (git-fixes). - ASoC: sti: Fix deadlock via snd_pcm_stop_xrun() call (git-fixes). - ASoC: ti: davinci-i2s: Add check for clk_enable() (git-fixes). - ASoC: topology: Allow TLV control to be either read or write (git-fixes). - ASoC: topology: Optimize soc_tplg_dapm_graph_elems_load behavior (git-fixes). - ASoC: wm8350: Handle error for wm8350_register_irq (git-fixes). - ASoC: xilinx: xlnx_formatter_pcm: Handle sysclk setting (git-fixes). - ax88179_178a: Merge memcpy + le32_to_cpus to get_unaligned_le32 (bsc#1196018). - block: update io_ticks when io hang (bsc#1197817). - block/wbt: fix negative inflight counter when remove scsi device (bsc#1197819). - bpf: Fix comment for helper bpf_current_task_under_cgroup() (git-fixes). - bpf: Remove config check to enable bpf support for branch records (git-fixes bsc#1177028). - btrfs: avoid unnecessary lock and leaf splits when updating inode in the log (bsc#1194649). - btrfs: avoid unnecessary log mutex contention when syncing log (bsc#1194649). - btrfs: avoid unnecessary logging of xattrs during fast fsyncs (bsc#1194649). - btrfs: check error value from btrfs_update_inode in tree log (bsc#1194649). - btrfs: check if a log root exists before locking the log_mutex on unlink (bsc#1194649). - btrfs: check if a log tree exists at inode_logged() (bsc#1194649). - btrfs: do not commit delayed inode when logging a file in full sync mode (bsc#1194649). - btrfs: do not log new dentries when logging that a new name exists (bsc#1194649). - btrfs: eliminate some false positives when checking if inode was logged (bsc#1194649). - btrfs: fix race leading to unnecessary transaction commit when logging inode (bsc#1194649). - btrfs: fix race that causes unnecessary logging of ancestor inodes (bsc#1194649). - btrfs: fix race that makes inode logging fallback to transaction commit (bsc#1194649). - btrfs: fix race that results in logging old extents during a fast fsync (bsc#1194649). - btrfs: fixup error handling in fixup_inode_link_counts (bsc#1194649). - btrfs: remove no longer needed full sync flag check at inode_logged() (bsc#1194649). - btrfs: Remove unnecessary check from join_running_log_trans (bsc#1194649). - btrfs: remove unnecessary directory inode item update when deleting dir entry (bsc#1194649). - btrfs: remove unnecessary list head initialization when syncing log (bsc#1194649). - btrfs: skip unnecessary searches for xattrs when logging an inode (bsc#1194649). - can: ems_usb: ems_usb_start_xmit(): fix double dev_kfree_skb() in error path (git-fixes). - can: mcba_usb: mcba_usb_start_xmit(): fix double dev_kfree_skb in error path (git-fixes). - can: mcba_usb: properly check endpoint type (git-fixes). - can: rcar_canfd: rcar_canfd_channel_probe(): register the CAN device when fully ready (git-fixes). - cifs: use the correct max-length for dentry_path_raw() (bsc1196196). - clk: actions: Terminate clk_div_table with sentinel element (git-fixes). - clk: bcm2835: Remove unused variable (git-fixes). - clk: clps711x: Terminate clk_div_table with sentinel element (git-fixes). - clk: imx7d: Remove audio_mclk_root_clk (git-fixes). - clk: Initialize orphan req_rate (git-fixes). - clk: loongson1: Terminate clk_div_table with sentinel element (git-fixes). - clk: nxp: Remove unused variable (git-fixes). - clk: qcom: clk-rcg2: Update logic to calculate D value for RCG (git-fixes). - clk: qcom: clk-rcg2: Update the frac table for pixel clock (git-fixes). - clk: qcom: gcc-msm8994: Fix gpll4 width (git-fixes). - clk: qcom: ipq8074: Use floor ops for SDCC1 clock (git-fixes). - clk: tegra: tegra124-emc: Fix missing put_device() call in emc_ensure_emc_driver (git-fixes). - clk: uniphier: Fix fixed-rate initialization (git-fixes). - clocksource: acpi_pm: fix return value of __setup handler (git-fixes). - clocksource/drivers/timer-of: Check return value of of_iomap in timer_of_base_init() (git-fixes). - cpufreq: schedutil: Destroy mutex before kobject_put() frees (git-fixes) - crypto: authenc - Fix sleep in atomic context in decrypt_tail (git-fixes). - crypto: cavium/nitrox - do not cast parameter in bit operations (git-fixes). - crypto: ccp - ccp_dmaengine_unregister release dma channels (git-fixes). - crypto: ccree - do not attempt 0 len DMA mappings (git-fixes). - crypto: mxs-dcp - Fix scatterlist processing (git-fixes). - crypto: qat - do not cast parameter in bit operations (git-fixes). - crypto: rsa-pkcs1pad - correctly get hash from source scatterlist (git-fixes). - crypto: rsa-pkcs1pad - fix buffer overread in pkcs1pad_verify_complete() (git-fixes). - crypto: rsa-pkcs1pad - restore signature length check (git-fixes). - crypto: vmx - add missing dependencies (git-fixes). - dma/pool: create dma atomic pool only if dma zone has managed pages (bsc#1197501). - driver core: dd: fix return value of __setup handler (git-fixes). - drm: add a locked version of drm_is_current_master (bsc#1197914). - drm: bridge: adv7511: Fix ADV7535 HPD enablement (git-fixes). - drm: drm_file struct kABI compatibility workaround (bsc#1197914). - drm: protect drm_master pointers in drm_lease.c (bsc#1197914). - drm: serialize drm_file.master with a new spinlock (bsc#1197914). - drm: use the lookup lock in drm_is_current_master (bsc#1197914). - drm/amd/display: Add affected crtcs to atomic state for dsc mst unplug (git-fixes). - drm/amd/pm: return -ENOTSUPP if there is no get_dpm_ultimate_freq function (git-fixes). - drm/bridge: dw-hdmi: use safe format when first in bridge chain (git-fixes). - drm/bridge: nwl-dsi: Fix PM disable depth imbalance in nwl_dsi_probe (git-fixes). - drm/doc: overview before functions for drm_writeback.c (git-fixes). - drm/i915: Fix dbuf slice config lookup (git-fixes). - drm/i915/gem: add missing boundary check in vm_access (git-fixes). - drm/imx: parallel-display: Remove bus flags check in imx_pd_bridge_atomic_check() (git-fixes). - drm/meson: Fix error handling when afbcd.ops->init fails (git-fixes). - drm/meson: osd_afbcd: Add an exit callback to struct meson_afbcd_ops (git-fixes). - drm/msm/dpu: add DSPP blocks teardown (git-fixes). - drm/nouveau/acr: Fix undefined behavior in nvkm_acr_hsfw_load_bl() (git-fixes). - drm/panel: simple: Fix Innolux G070Y2-L01 BPP settings (git-fixes). - drm/vc4: crtc: Fix runtime_pm reference counting (git-fixes). - drm/vc4: crtc: Make sure the HDMI controller is powered when disabling (git-fixes). - drm/vrr: Set VRR capable prop only if it is attached to connector (git-fixes). - ecryptfs: fix kernel panic with null dev_name (bsc#1197812). - ecryptfs: Fix typo in message (bsc#1197811). - ext2: correct max file size computing (bsc#1197820). - firmware: google: Properly state IOMEM dependency (git-fixes). - firmware: qcom: scm: Remove reassignment to desc following initializer (git-fixes). - fscrypt: do not ignore minor_hash when hash is 0 (bsc#1197815). - HID: multitouch: fix Dell Precision 7550 and 7750 button type (bsc#1197243). - hwmon: (pmbus) Add mutex to regulator ops (git-fixes). - hwmon: (pmbus) Add Vin unit off handling (git-fixes). - hwmon: (sch56xx-common) Replace WDOG_ACTIVE with WDOG_HW_RUNNING (git-fixes). - hwrng: atmel - disable trng on failure path (git-fixes). - i915_vma: Rename vma_lookup to i915_vma_lookup (git-fixes). - ibmvnic: fix race between xmit and reset (bsc#1197302 ltc#197259). - iio: accel: mma8452: use the correct logic to get mma8452_data (git-fixes). - iio: adc: Add check for devm_request_threaded_irq (git-fixes). - iio: afe: rescale: use s64 for temporary scale calculations (git-fixes). - iio: inkern: apply consumer scale on IIO_VAL_INT cases (git-fixes). - iio: inkern: apply consumer scale when no channel scale is available (git-fixes). - iio: inkern: make a best effort on offset calculation (git-fixes). - Input: aiptek - properly check endpoint type (git-fixes). - iwlwifi: do not advertise TWT support (git-fixes). - KVM: SVM: Do not flush cache if hardware enforces cache coherency across encryption domains (bsc#1178134). - llc: fix netdevice reference leaks in llc_ui_bind() (git-fixes). - mac80211: fix potential double free on mesh join (git-fixes). - mac80211: refuse aggregations sessions before authorized (git-fixes). - media: aspeed: Correct value for h-total-pixels (git-fixes). - media: bttv: fix WARNING regression on tunerless devices (git-fixes). - media: coda: Fix missing put_device() call in coda_get_vdoa_data (git-fixes). - media: davinci: vpif: fix unbalanced runtime PM get (git-fixes). - media: em28xx: initialize refcount before kref_get (git-fixes). - media: hantro: Fix overfill bottom register field name (git-fixes). - media: Revert "media: em28xx: add missing em28xx_close_extension" (git-fixes). - media: stk1160: If start stream fails, return buffers with VB2_BUF_STATE_QUEUED (git-fixes). - media: usb: go7007: s2250-board: fix leak in probe() (git-fixes). - media: video/hdmi: handle short reads of hdmi info frame (git-fixes). - membarrier: Execute SYNC_CORE on the calling thread (git-fixes) - membarrier: Explicitly sync remote cores when SYNC_CORE is (git-fixes) - memory: emif: Add check for setup_interrupts (git-fixes). - memory: emif: check the pointer temp in get_device_details() (git-fixes). - misc: alcor_pci: Fix an error handling path (git-fixes). - misc: sgi-gru: Do not cast parameter in bit operations (git-fixes). - mm_zone: add function to check if managed dma zone exists (bsc#1197501). - mm: add vma_lookup(), update find_vma_intersection() comments (git-fixes). - mm/page_alloc.c: do not warn allocation failure on zone DMA if no managed pages (bsc#1197501). - mmc: davinci_mmc: Handle error for clk_enable (git-fixes). - net: dsa: mv88e6xxx: override existent unicast portvec in port_fdb_add (git-fixes). - net: enetc: initialize the RFS and RSS memories (git-fixes). - net: hns3: add a check for tqp_index in hclge_get_ring_chain_from_mbx() (git-fixes). - net: phy: broadcom: Fix brcm_fet_config_init() (git-fixes). - net: phy: marvell: Fix invalid comparison in the resume and suspend functions (git-fixes). - net: stmmac: set TxQ mode back to DCB after disabling CBS (git-fixes). - net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup (bsc#1196018). - net: watchdog: hold device global xmit lock during tx disable (git-fixes). - net/smc: Fix loop in smc_listen (git-fixes). - net/smc: fix using of uninitialized completions (git-fixes). - net/smc: fix wrong list_del in smc_lgr_cleanup_early (git-fixes). - net/smc: Make sure the link_id is unique (git-fixes). - net/smc: Reset conn->lgr when link group registration fails (git-fixes). - netfilter: conntrack: do not refresh sctp entries in closed state (bsc#1197389). - netxen_nic: fix MSI/MSI-x interrupts (git-fixes). - NFS: Avoid duplicate uncached readdir calls on eof (git-fixes). - NFS: Do not report writeback errors in nfs_getattr() (git-fixes). - NFS: Do not skip directory entries when doing uncached readdir (git-fixes). - NFS: Ensure the server had an up to date ctime before hardlinking (git-fixes). - NFS: Fix initialisation of nfs_client cl_flags field (git-fixes). - NFS: LOOKUP_DIRECTORY is also ok with symlinks (git-fixes). - NFS: Return valid errors from nfs2/3_decode_dirent() (git-fixes). - NFS: Use of mapping_set_error() results in spurious errors (git-fixes). - NFS: nfsd4_setclientid_confirm mistakenly expires confirmed client (git-fixes). - NFS: do not retry BIND_CONN_TO_SESSION on session error (git-fixes). - NFS: Fix another issue with a list iterator pointing to the head (git-fixes). - nl80211: Update bss channel on channel switch for P2P_CLIENT (git-fixes). - pinctrl: mediatek: Fix missing of_node_put() in mtk_pctrl_init (git-fixes). - pinctrl: mediatek: paris: Fix "argument" argument type for mtk_pinconf_get() (git-fixes). - pinctrl: mediatek: paris: Fix pingroup pin config state readback (git-fixes). - pinctrl: nomadik: Add missing of_node_put() in nmk_pinctrl_probe (git-fixes). - pinctrl: nuvoton: npcm7xx: Rename DS() macro to DSTR() (git-fixes). - pinctrl: nuvoton: npcm7xx: Use %zu printk format for ARRAY_SIZE() (git-fixes). - pinctrl: pinconf-generic: Print arguments for bias-pull-* (git-fixes). - pinctrl: samsung: drop pin banks references on error paths (git-fixes). - pinctrl/rockchip: Add missing of_node_put() in rockchip_pinctrl_probe (git-fixes). - PM: hibernate: fix __setup handler error handling (git-fixes). - PM: suspend: fix return value of __setup handler (git-fixes). - powerpc/lib/sstep: Fix 'sthcx' instruction (bsc#1156395). - powerpc/mm: Fix verification of MMU_FTR_TYPE_44x (bsc#1156395). - powerpc/mm/numa: skip NUMA_NO_NODE onlining in parse_numa_properties() (bsc#1179639 ltc#189002 git-fixes). - powerpc/perf: Do not use perf_hw_context for trace IMC PMU (bsc#1156395). - powerpc/pseries: Fix use after free in remove_phb_dynamic() (bsc#1065729). - powerpc/sysdev: fix incorrect use to determine if list is empty (bsc#1065729). - powerpc/tm: Fix more userspace r13 corruption (bsc#1065729). - powerpc/xive: fix return value of __setup handler (bsc#1065729). - printk: Add panic_in_progress helper (bsc#1197894). - printk: disable optimistic spin during panic (bsc#1197894). - pwm: lpc18xx-sct: Initialize driver data and hardware before pwmchip_add() (git-fixes). - regulator: qcom_smd: fix for_each_child.cocci warnings (git-fixes). - remoteproc: qcom_wcnss: Add missing of_node_put() in wcnss_alloc_memory_region (git-fixes). - remoteproc: qcom: Fix missing of_node_put in adsp_alloc_memory_region (git-fixes). - s390/bpf: Perform r1 range checking before accessing jit->seen_reg (git-fixes). - s390/gmap: do not unconditionally call pte_unmap_unlock() in __gmap_zap() (git-fixes). - s390/gmap: validate VMA in __gmap_zap() (git-fixes). - s390/hypfs: include z/VM guests with access control group set (bsc#1195640 LTC#196352). - s390/kexec_file: fix error handling when applying relocations (git-fixes). - s390/kexec: fix memory leak of ipl report buffer (git-fixes). - s390/kexec: fix return code handling (git-fixes). - s390/mm: fix VMA and page table handling code in storage key handling functions (git-fixes). - s390/mm: validate VMA in PGSTE manipulation functions (git-fixes). - s390/module: fix loading modules with a lot of relocations (git-fixes). - s390/pci_mmio: fully validate the VMA before calling follow_pte() (git-fixes). - scsi: lpfc: Copyright updates for 14.2.0.0 patches (bsc#1197675). - scsi: lpfc: Drop lpfc_no_handler() (bsc#1197675). - scsi: lpfc: Fix broken SLI4 abort path (bsc#1197675). - scsi: lpfc: Fix locking for lpfc_sli_iocbq_lookup() (bsc#1197675). - scsi: lpfc: Fix queue failures when recovering from PCI parity error (bsc#1197675 bsc#1196478). - scsi: lpfc: Fix typos in comments (bsc#1197675). - scsi: lpfc: Fix unload hang after back to back PCI EEH faults (bsc#1197675 bsc#1196478). - scsi: lpfc: Improve PCI EEH Error and Recovery Handling (bsc#1197675 bsc#1196478). - scsi: lpfc: Kill lpfc_bus_reset_handler() (bsc#1197675). - scsi: lpfc: Reduce log messages seen after firmware download (bsc#1197675). - scsi: lpfc: Remove failing soft_wwn support (bsc#1197675). - scsi: lpfc: Remove NVMe support if kernel has NVME_FC disabled (bsc#1197675). - scsi: lpfc: Remove redundant flush_workqueue() call (bsc#1197675). - scsi: lpfc: SLI path split: Introduce lpfc_prep_wqe (bsc#1197675). - scsi: lpfc: SLI path split: Refactor Abort paths (bsc#1197675). - scsi: lpfc: SLI path split: Refactor base ELS paths and the FLOGI path (bsc#1197675). - scsi: lpfc: SLI path split: Refactor BSG paths (bsc#1197675). - scsi: lpfc: SLI path split: Refactor CT paths (bsc#1197675). - scsi: lpfc: SLI path split: Refactor fast and slow paths to native SLI4 (bsc#1197675). - scsi: lpfc: SLI path split: Refactor FDISC paths (bsc#1197675). - scsi: lpfc: SLI path split: Refactor lpfc_iocbq (bsc#1197675). - scsi: lpfc: SLI path split: Refactor LS_ACC paths (bsc#1197675). - scsi: lpfc: SLI path split: Refactor LS_RJT paths (bsc#1197675). - scsi: lpfc: SLI path split: Refactor misc ELS paths (bsc#1197675). - scsi: lpfc: SLI path split: Refactor PLOGI/PRLI/ADISC/LOGO paths (bsc#1197675). - scsi: lpfc: SLI path split: Refactor SCSI paths (bsc#1197675). - scsi: lpfc: SLI path split: Refactor the RSCN/SCR/RDF/EDC/FARPR paths (bsc#1197675). - scsi: lpfc: SLI path split: Refactor VMID paths (bsc#1197675). - scsi: lpfc: Update lpfc version to 14.2.0.0 (bsc#1197675). - scsi: lpfc: Update lpfc version to 14.2.0.1 (bsc#1197675). - scsi: lpfc: Use fc_block_rport() (bsc#1197675). - scsi: lpfc: Use kcalloc() (bsc#1197675). - scsi: lpfc: Use rport as argument for lpfc_chk_tgt_mapped() (bsc#1197675). - scsi: lpfc: Use rport as argument for lpfc_send_taskmgmt() (bsc#1197675). - scsi: qla2xxx: Fix crash during module load unload test (bsc#1197661). - scsi: qla2xxx: Fix disk failure to rediscover (bsc#1197661). - scsi: qla2xxx: Fix hang due to session stuck (bsc#1197661). - scsi: qla2xxx: Fix incorrect reporting of task management failure (bsc#1197661). - scsi: qla2xxx: Fix laggy FC remote port session recovery (bsc#1197661). - scsi: qla2xxx: Fix loss of NVMe namespaces after driver reload test (bsc#1197661). - scsi: qla2xxx: Fix missed DMA unmap for NVMe ls requests (bsc#1197661). - scsi: qla2xxx: Fix N2N inconsistent PLOGI (bsc#1197661). - scsi: qla2xxx: Fix stuck session of PRLI reject (bsc#1197661). - scsi: qla2xxx: Fix typos in comments (bsc#1197661). - scsi: qla2xxx: Increase max limit of ql2xnvme_queues (bsc#1197661). - scsi: qla2xxx: Reduce false trigger to login (bsc#1197661). - scsi: qla2xxx: Stop using the SCSI pointer (bsc#1197661). - scsi: qla2xxx: Update version to 10.02.07.400-k (bsc#1197661). - scsi: qla2xxx: Use correct feature type field during RFF_ID processing (bsc#1197661). - scsi: qla2xxx: Use named initializers for port_state_str (bsc#1197661). - scsi: qla2xxx: Use named initializers for q_dev_state (bsc#1197661). - serial: 8250_lpss: Balance reference count for PCI DMA device (git-fixes). - serial: 8250_mid: Balance reference count for PCI DMA device (git-fixes). - serial: 8250: Fix race condition in RTS-after-send handling (git-fixes). - serial: core: Fix the definition name in the comment of UPF_* flags (git-fixes). - soc: qcom: aoss: remove spurious IRQF_ONESHOT flags (git-fixes). - soc: qcom: rpmpd: Check for null return of devm_kcalloc (git-fixes). - soc: ti: wkup_m3_ipc: Fix IRQ check in wkup_m3_ipc_probe (git-fixes). - soundwire: intel: fix wrong register name in intel_shim_wake (git-fixes). - spi: pxa2xx-pci: Balance reference count for PCI DMA device (git-fixes). - spi: tegra114: Add missing IRQ check in tegra_spi_probe (git-fixes). - staging:iio:adc:ad7280a: Fix handing of device address bit reversing (git-fixes). - tcp: add some entropy in __inet_hash_connect() (bsc#1180153). - tcp: change source port randomizarion at connect() time (bsc#1180153). - thermal: int340x: Check for NULL after calling kmemdup() (git-fixes). - thermal: int340x: Increase bitmap size (git-fixes). - udp_tunnel: Fix end of loop test in udp_tunnel_nic_unregister() (git-fixes). - Update config files (bsc#1195926 bsc#1175667). VIRTIO_PCI=m -> VIRTIO_PCI=y - usb: bdc: Adb shows offline after resuming from S2 (git-fixes). - usb: bdc: Fix a resource leak in the error handling path of 'bdc_probe()' (git-fixes). - usb: bdc: Fix unused assignment in bdc_probe() (git-fixes). - usb: bdc: remove duplicated error message (git-fixes). - usb: bdc: Use devm_clk_get_optional() (git-fixes). - usb: bdc: use devm_platform_ioremap_resource() to simplify code (git-fixes). - usb: dwc3: gadget: Use list_replace_init() before traversing lists (git-fixes). - usb: dwc3: qcom: add IRQ check (git-fixes). - usb: gadget: bdc: use readl_poll_timeout() to simplify code (git-fixes). - usb: gadget: Fix use-after-free bug by not setting udc->dev.driver (git-fixes). - usb: gadget: rndis: prevent integer overflow in rndis_set_response() (git-fixes). - usb: usbtmc: Fix bug in pipe direction for control transfers (git-fixes). - VFS: filename_create(): fix incorrect intent (bsc#1197534). - video: fbdev: atmel_lcdfb: fix an error code in atmel_lcdfb_probe() (git-fixes). - video: fbdev: controlfb: Fix COMPILE_TEST build (git-fixes). - video: fbdev: fbcvt.c: fix printing in fb_cvt_print_name() (git-fixes). - video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen (git-fixes). - video: fbdev: matroxfb: set maxvram of vbG200eW to the same as vbG200 to avoid black screen (git-fixes). - video: fbdev: omapfb: Add missing of_node_put() in dvic_probe_of (git-fixes). - video: fbdev: smscufx: Fix null-ptr-deref in ufx_usb_probe() (git-fixes). - VMCI: Fix the description of vmci_check_host_caps() (git-fixes). - vsprintf: Fix %pK with kptr_restrict == 0 (bsc#1197889). - wireguard: queueing: use CFI-safe ptr_ring cleanup function (git-fixes). - wireguard: selftests: rename DEBUG_PI_LIST to DEBUG_PLIST (git-fixes). - wireguard: socket: free skb in send6 when ipv6 is disabled (git-fixes). - wireguard: socket: ignore v6 endpoints when ipv6 is disabled (git-fixes). - x86/cpu: Add hardware-enforced cache coherency as a CPUID feature (bsc#1178134). - x86/mm/pat: Do not flush cache if hardware enforces cache coherency across encryption domnains (bsc#1178134). - x86/speculation: Warn about eIBRS + LFENCE + Unprivileged eBPF + SMT (bsc#1178134). - x86/speculation: Warn about Spectre v2 LFENCE mitigation (bsc#1178134). - xhci: fix garbage USBSTS being logged in some cases (git-fixes). cluster-md-kmp-preempt-5.3.18-150300.59.63.1.x86_64.rpm True dlm-kmp-preempt-5.3.18-150300.59.63.1.x86_64.rpm True gfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64.rpm True kernel-preempt-5.3.18-150300.59.63.1.nosrc.rpm True kernel-preempt-5.3.18-150300.59.63.1.x86_64.rpm True kernel-preempt-devel-5.3.18-150300.59.63.1.x86_64.rpm True kernel-preempt-extra-5.3.18-150300.59.63.1.x86_64.rpm True kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.x86_64.rpm True kernel-preempt-optional-5.3.18-150300.59.63.1.x86_64.rpm True kselftests-kmp-preempt-5.3.18-150300.59.63.1.x86_64.rpm True ocfs2-kmp-preempt-5.3.18-150300.59.63.1.x86_64.rpm True reiserfs-kmp-preempt-5.3.18-150300.59.63.1.x86_64.rpm True cluster-md-kmp-preempt-5.3.18-150300.59.63.1.aarch64.rpm True dlm-kmp-preempt-5.3.18-150300.59.63.1.aarch64.rpm True dtb-aarch64-5.3.18-150300.59.63.1.src.rpm True dtb-al-5.3.18-150300.59.63.1.aarch64.rpm True dtb-zte-5.3.18-150300.59.63.1.aarch64.rpm True gfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64.rpm True kernel-preempt-5.3.18-150300.59.63.1.aarch64.rpm True kernel-preempt-devel-5.3.18-150300.59.63.1.aarch64.rpm True kernel-preempt-extra-5.3.18-150300.59.63.1.aarch64.rpm True kernel-preempt-livepatch-devel-5.3.18-150300.59.63.1.aarch64.rpm True kernel-preempt-optional-5.3.18-150300.59.63.1.aarch64.rpm True kselftests-kmp-preempt-5.3.18-150300.59.63.1.aarch64.rpm True ocfs2-kmp-preempt-5.3.18-150300.59.63.1.aarch64.rpm True reiserfs-kmp-preempt-5.3.18-150300.59.63.1.aarch64.rpm True openSUSE-SLE-15.4-2022-1162 important SUSE Updates openSUSE-SLE 15.4 This update for subversion fixes the following issues: - CVE-2022-24070: Fixed a memory corruption issue in mod_dav_svn as used by Apache HTTP server. This could be exploited by a remote attacker to cause a denial of service (bsc#1197940). - CVE-2021-28544: Fixed an information leak issue where Subversion servers may reveal the original path of files protected by path-based authorization (bsc#1197939). subversion-1.10.6-150300.10.8.1.src.rpm subversion-python-ctypes-1.10.6-150300.10.8.1.x86_64.rpm subversion-python-ctypes-1.10.6-150300.10.8.1.s390x.rpm subversion-python-ctypes-1.10.6-150300.10.8.1.ppc64le.rpm subversion-python-ctypes-1.10.6-150300.10.8.1.aarch64.rpm openSUSE-SLE-15.4-2022-1259 important SUSE Updates openSUSE-SLE 15.4 This update for icedtea-web fixes the following issues: - CVE-2019-10181: Fixed an issue where an attacker could inject unsigned code in a signed JAR file (bsc#1142835). - CVE-2019-10182: Fixed a path traversal issue where an attacker could upload arbritrary files by tricking a victim into running a specially crafted application(bsc#1142825). - CVE-2019-10185: Fixed an issue where an attacker could write files to arbitrary locations during JAR auto-extraction (bsc#1142832). icedtea-web-1.7.2-150100.7.3.1.src.rpm icedtea-web-1.7.2-150100.7.3.1.x86_64.rpm icedtea-web-javadoc-1.7.2-150100.7.3.1.noarch.rpm icedtea-web-1.7.2-150100.7.3.1.s390x.rpm icedtea-web-1.7.2-150100.7.3.1.ppc64le.rpm icedtea-web-1.7.2-150100.7.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-1265 important SUSE Updates openSUSE-SLE 15.4 This update for jsoup, jsr-305 fixes the following issues: - CVE-2021-37714: Fixed infinite in untrusted HTML or XML data parsing (bsc#1189749). Changes in jsr-305: - Build with java source and target levels 8 - Upgrade to upstream version 3.0.2 Changes in jsoup: - Upgrade to upstream version 1.14.2 - Generate tarball using source service instead of a script jsoup-1.14.2-150200.3.3.1.noarch.rpm jsoup-1.14.2-150200.3.3.1.src.rpm jsoup-javadoc-1.14.2-150200.3.3.1.noarch.rpm jsr-305-3.0.2-150200.3.3.1.noarch.rpm jsr-305-3.0.2-150200.3.3.1.src.rpm jsr-305-javadoc-3.0.2-150200.3.3.1.noarch.rpm openSUSE-SLE-15.4-2022-1200 moderate SUSE Updates openSUSE-SLE 15.4 This update for ClusterTools2 fixes the following issues: - change version from 3.1.1 to 3.1.2 - As newer versions of pacemaker display the output from command 'crmadmin --quiet' on stdout instead on stderr, the command 'cs_clusterstate' was enhanced to adapt these change. (bsc#1188652) - Adapt 'cs_show_scores' to support newer versions of pacemaker and crmshi. (bsc#1188456) - man page updates ClusterTools2-3.1.2-150100.8.9.1.noarch.rpm ClusterTools2-3.1.2-150100.8.9.1.src.rpm openSUSE-SLE-15.4-2022-1158 important SUSE Updates openSUSE-SLE 15.4 This update for xz fixes the following issues: - CVE-2022-1271: Fixed an incorrect escaping of malicious filenames (ZDI-CAN-16587). (bsc#1198062) liblzma5-32bit-5.2.3-150000.4.7.1.x86_64.rpm liblzma5-5.2.3-150000.4.7.1.x86_64.rpm xz-5.2.3-150000.4.7.1.src.rpm xz-5.2.3-150000.4.7.1.x86_64.rpm xz-devel-32bit-5.2.3-150000.4.7.1.x86_64.rpm xz-devel-5.2.3-150000.4.7.1.x86_64.rpm xz-lang-5.2.3-150000.4.7.1.noarch.rpm xz-static-devel-5.2.3-150000.4.7.1.x86_64.rpm liblzma5-5.2.3-150000.4.7.1.s390x.rpm xz-5.2.3-150000.4.7.1.s390x.rpm xz-devel-5.2.3-150000.4.7.1.s390x.rpm xz-static-devel-5.2.3-150000.4.7.1.s390x.rpm liblzma5-5.2.3-150000.4.7.1.ppc64le.rpm xz-5.2.3-150000.4.7.1.ppc64le.rpm xz-devel-5.2.3-150000.4.7.1.ppc64le.rpm xz-static-devel-5.2.3-150000.4.7.1.ppc64le.rpm liblzma5-5.2.3-150000.4.7.1.aarch64.rpm xz-5.2.3-150000.4.7.1.aarch64.rpm xz-devel-5.2.3-150000.4.7.1.aarch64.rpm xz-static-devel-5.2.3-150000.4.7.1.aarch64.rpm openSUSE-SLE-15.4-2022-1218 important SUSE Updates openSUSE-SLE 15.4 This update for SDL2 fixes the following issues: - CVE-2021-33657: Fix a buffer overflow when parsing a crafted BMP image (bsc#1198001). SDL2-2.0.8-150200.11.6.1.src.rpm libSDL2-2_0-0-2.0.8-150200.11.6.1.x86_64.rpm libSDL2-2_0-0-32bit-2.0.8-150200.11.6.1.x86_64.rpm libSDL2-devel-2.0.8-150200.11.6.1.x86_64.rpm libSDL2-devel-32bit-2.0.8-150200.11.6.1.x86_64.rpm libSDL2-2_0-0-2.0.8-150200.11.6.1.s390x.rpm libSDL2-devel-2.0.8-150200.11.6.1.s390x.rpm libSDL2-2_0-0-2.0.8-150200.11.6.1.ppc64le.rpm libSDL2-devel-2.0.8-150200.11.6.1.ppc64le.rpm libSDL2-2_0-0-2.0.8-150200.11.6.1.aarch64.rpm libSDL2-devel-2.0.8-150200.11.6.1.aarch64.rpm openSUSE-SLE-15.4-2022-1166 important SUSE Updates openSUSE-SLE 15.4 Recommended update for cloud-regionsrv-client contains the following fix: cloud-regionsrv-client: Shipping cloud-regionsrv-client-addon-azure to unrestricted channels. (#MSC-282) cloud-regionsrv-client-10.0.2-150000.6.67.1.noarch.rpm cloud-regionsrv-client-10.0.2-150000.6.67.1.src.rpm cloud-regionsrv-client-addon-azure-1.0.3-150000.6.67.1.noarch.rpm cloud-regionsrv-client-generic-config-1.0.0-150000.6.67.1.noarch.rpm cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.67.1.noarch.rpm cloud-regionsrv-client-plugin-ec2-1.0.2-150000.6.67.1.noarch.rpm cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.67.1.noarch.rpm openSUSE-SLE-15.4-2022-1176 important SUSE Updates openSUSE-SLE 15.4 This update for MozillaThunderbird fixes the following issues: - Updated to version 91.8 (bsc#1197903): - CVE-2022-1097: Fixed a memory corruption issue with NSSToken objects. - CVE-2022-28281: Fixed a memory corruption issue due to unexpected WebAuthN Extensions. - CVE-2022-1197: Fixed an issue where OpenPGP revocation information was ignored. - CVE-2022-1196: Fixed a memory corruption issue after VR process destruction. - CVE-2022-28282: Fixed a memory corruption issue in document translation. - CVE-2022-28285: Fixed a memory corruption issue in JIT code generation. - CVE-2022-28286: Fixed an iframe layout issue that could have been exploited to stage spoofing attacks. - CVE-2022-24713: Fixed a potential denial of service via complex regular expressions. - CVE-2022-28289: Fixed multiple memory corruption issues. Non-security fixes: - Changed Google accounts using password authentication to use OAuth2. - Fixed an issue where OpenPGP ECC keys created by Thunderbird could not be imported into GnuPG. - Fixed an issue where exporting multiple public PGP keys from Thunderbird was not possible. - Fixed an issue where replying to a newsgroup message erroneously displayed a "No-reply" popup warning. - Fixed an issue with opening older address books. - Fixed an issue where LDAP directories would be lost when switching to "Offline" mode. - Fixed an issue when importing webcals. MozillaThunderbird-91.8.0-150200.8.65.1.src.rpm MozillaThunderbird-91.8.0-150200.8.65.1.x86_64.rpm MozillaThunderbird-translations-common-91.8.0-150200.8.65.1.x86_64.rpm MozillaThunderbird-translations-other-91.8.0-150200.8.65.1.x86_64.rpm MozillaThunderbird-91.8.0-150200.8.65.1.s390x.rpm MozillaThunderbird-translations-common-91.8.0-150200.8.65.1.s390x.rpm MozillaThunderbird-translations-other-91.8.0-150200.8.65.1.s390x.rpm MozillaThunderbird-91.8.0-150200.8.65.1.ppc64le.rpm MozillaThunderbird-translations-common-91.8.0-150200.8.65.1.ppc64le.rpm MozillaThunderbird-translations-other-91.8.0-150200.8.65.1.ppc64le.rpm MozillaThunderbird-91.8.0-150200.8.65.1.aarch64.rpm MozillaThunderbird-translations-common-91.8.0-150200.8.65.1.aarch64.rpm MozillaThunderbird-translations-other-91.8.0-150200.8.65.1.aarch64.rpm openSUSE-SLE-15.4-2022-1279 important SUSE Updates openSUSE-SLE 15.4 This update for sgi-bitmap-fonts fixes the following issues: - Fix package building issue (bsc#1197854) sgi-bitmap-fonts-1.0-150000.3.3.1.noarch.rpm sgi-bitmap-fonts-1.0-150000.3.3.1.src.rpm openSUSE-SLE-15.4-2022-1280 important SUSE Updates openSUSE-SLE 15.4 This update for HANA-Firewall fixes the following issues: - Fix package building issues (bsc#1197697) HANA-Firewall-2.0.2-150000.3.3.1.src.rpm HANA-Firewall-2.0.2-150000.3.3.1.x86_64.rpm HANA-Firewall-2.0.2-150000.3.3.1.ppc64le.rpm openSUSE-SLE-15.4-2022-1271 important SUSE Updates openSUSE-SLE 15.4 This update for netty fixes the following issues: - Updated to version 4.1.75: - CVE-2021-37136: Fixed an unrestricted decompressed data size in Bzip2Decoder (bsc#1190610). - CVE-2021-37137: Fixed an unrestricted chunk length in SnappyFrameDecoder, which might lead to excessive memory usage (#bsc#1190613). - CVE-2021-43797: Fixed a potential HTTP request smuggling issue due to insufficient validation against control characters (bsc#1193672). - CVE-2021-21290: Fixed an information disclosure via the local system temporary directory (bsc#1182103). netty-4.1.75-150200.4.6.2.src.rpm netty-4.1.75-150200.4.6.2.x86_64.rpm netty-javadoc-4.1.75-150200.4.6.2.noarch.rpm netty-poms-4.1.75-150200.4.6.2.noarch.rpm netty-4.1.75-150200.4.6.2.s390x.rpm netty-4.1.75-150200.4.6.2.ppc64le.rpm netty-4.1.75-150200.4.6.2.aarch64.rpm openSUSE-SLE-15.4-2022-1260 important SUSE Updates openSUSE-SLE 15.4 This update for git fixes the following issues: - CVE-2022-24765: Fixed a potential command injection via git worktree (bsc#1198234). git-2.26.2-150000.36.1.src.rpm openSUSE-SLE-15.4-2022-1277 moderate SUSE Updates openSUSE-SLE 15.4 This update for dcraw fixes the following issues: - CVE-2017-13735: Fixed a denial of service issue due to a floating point exception (bsc#1056170). - CVE-2017-14608: Fixed an invalid memory access that could lead to information disclosure or denial of service (bsc#1063798). - CVE-2018-19655: Fixed a buffer overflow that could lead to an application crash (bsc#1117896). - CVE-2018-5801: Fixed an invalid memory access that could lead to denial of service (bsc#1084690). - CVE-2018-5805: Fixed a buffer overflow that could lead to an application crash (bsc#1097973). - CVE-2018-5806: Fixed an invalid memory access that could lead to denial of service (bsc#1097974). - CVE-2018-19565: Fixed an invalid memory access that could lead to information disclosure or denial of service (bsc#1117622). - CVE-2018-19566: Fixed an invalid memory access that could lead to information disclosure or denial of service (bsc#1117517). - CVE-2018-19567: Fixed a denial of service issue due to a floating point exception (bsc#1117512). - CVE-2018-19568: Fixed a denial of service issue due to a floating point exception (bsc#1117436). - CVE-2021-3624: Fixed a buffer overflow that could lead to code execution or denial of service (bsc#1189642). Non-security fixes: - Updated to version 9.28.0. dcraw-9.28.0-150000.3.3.1.src.rpm dcraw-9.28.0-150000.3.3.1.x86_64.rpm dcraw-lang-9.28.0-150000.3.3.1.noarch.rpm dcraw-9.28.0-150000.3.3.1.s390x.rpm dcraw-9.28.0-150000.3.3.1.ppc64le.rpm dcraw-9.28.0-150000.3.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-1274 important SUSE Updates openSUSE-SLE 15.4 This update for GraphicsMagick fixes the following issues: - CVE-2022-1270: Fixed a heap buffer overflow when parsing MIFF (bsc#1198351). GraphicsMagick-1.3.35-150300.3.3.1.src.rpm GraphicsMagick-1.3.35-150300.3.3.1.x86_64.rpm GraphicsMagick-devel-1.3.35-150300.3.3.1.x86_64.rpm libGraphicsMagick++-Q16-12-1.3.35-150300.3.3.1.x86_64.rpm libGraphicsMagick++-devel-1.3.35-150300.3.3.1.x86_64.rpm libGraphicsMagick-Q16-3-1.3.35-150300.3.3.1.x86_64.rpm libGraphicsMagick3-config-1.3.35-150300.3.3.1.x86_64.rpm libGraphicsMagickWand-Q16-2-1.3.35-150300.3.3.1.x86_64.rpm perl-GraphicsMagick-1.3.35-150300.3.3.1.x86_64.rpm GraphicsMagick-1.3.35-150300.3.3.1.s390x.rpm GraphicsMagick-devel-1.3.35-150300.3.3.1.s390x.rpm libGraphicsMagick++-Q16-12-1.3.35-150300.3.3.1.s390x.rpm libGraphicsMagick++-devel-1.3.35-150300.3.3.1.s390x.rpm libGraphicsMagick-Q16-3-1.3.35-150300.3.3.1.s390x.rpm libGraphicsMagick3-config-1.3.35-150300.3.3.1.s390x.rpm libGraphicsMagickWand-Q16-2-1.3.35-150300.3.3.1.s390x.rpm perl-GraphicsMagick-1.3.35-150300.3.3.1.s390x.rpm GraphicsMagick-1.3.35-150300.3.3.1.ppc64le.rpm GraphicsMagick-devel-1.3.35-150300.3.3.1.ppc64le.rpm libGraphicsMagick++-Q16-12-1.3.35-150300.3.3.1.ppc64le.rpm libGraphicsMagick++-devel-1.3.35-150300.3.3.1.ppc64le.rpm libGraphicsMagick-Q16-3-1.3.35-150300.3.3.1.ppc64le.rpm libGraphicsMagick3-config-1.3.35-150300.3.3.1.ppc64le.rpm libGraphicsMagickWand-Q16-2-1.3.35-150300.3.3.1.ppc64le.rpm perl-GraphicsMagick-1.3.35-150300.3.3.1.ppc64le.rpm GraphicsMagick-1.3.35-150300.3.3.1.aarch64.rpm GraphicsMagick-devel-1.3.35-150300.3.3.1.aarch64.rpm libGraphicsMagick++-Q16-12-1.3.35-150300.3.3.1.aarch64.rpm libGraphicsMagick++-devel-1.3.35-150300.3.3.1.aarch64.rpm libGraphicsMagick-Q16-3-1.3.35-150300.3.3.1.aarch64.rpm libGraphicsMagick3-config-1.3.35-150300.3.3.1.aarch64.rpm libGraphicsMagickWand-Q16-2-1.3.35-150300.3.3.1.aarch64.rpm perl-GraphicsMagick-1.3.35-150300.3.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-1276 important SUSE Updates openSUSE-SLE 15.4 This update for nbd fixes the following issues: - CVE-2022-26495: Fixed an integer overflow with a resultant heap-based buffer overflow (bsc#1196827). - CVE-2022-26496: Fixed a stack-based buffer overflow when parsing the name field by sending a crafted NBD_OPT_INFO (bsc#1196828). Update to version 3.24 (bsc#1196827, bsc#1196828, CVE-2022-26495, CVE-2022-26496): * https://github.com/advisories/GHSA-q9rw-8758-hccj Update to version 3.23: * Don't overwrite the hostname with the TLS hostname Update to version 3.22: - nbd-server: handle auth for v6-mapped IPv4 addresses - nbd-client.c: parse the next option in all cases - configure.ac: silence a few autoconf 2.71 warnings - spec: Relax NBD_OPT_LIST_META_CONTEXTS - client: Don't confuse Unix socket with TLS hostname - server: Avoid deprecated g_memdup Update to version 3.21: - Fix --disable-manpages build - Fix a bug in whitespace handling regarding authorization files - Support client-side marking of devices as read-only - Support preinitialized NBD connection (i.e., skip the negotiation). - Fix the systemd unit file for nbd-client so it works with netlink (the more common situation nowadays) Update to 3.20.0 (no changelog) Update to version 3.19.0: * Better error messages in case of unexpected disconnects * Better compatibility with non-bash sh implementations (for configure.sh) * Fix for a segfault in NBD_OPT_INFO handling * The ability to specify whether to listen on both TCP and Unix domain sockets, rather than to always do so * Various minor editorial and spelling fixes in the documentation. Update to version 1.18.0: * Client: Add the "-g" option to avoid even trying the NBD_OPT_GO message * Server: fixes to inetd mode * Don't make gnutls and libnl automagic. * Server: bugfixes in handling of some export names during verification. * Server: clean supplementary groups when changing user. * Client: when using the netlink protocol, only set a timeout when there actually is a timeout, rather than defaulting to 0 seconds * Improve documentation on the nbdtab file * Minor improvements to some error messages * Improvements to test suite so it works better on non-GNU userland environments - Update to version 1.17.0: * proto: add xNBD command NBD_CMD_CACHE to the spec * server: do not crash when handling child name * server: Close socket pair when fork fails nbd-3.24-150000.3.3.1.src.rpm nbd-3.24-150000.3.3.1.x86_64.rpm nbd-3.24-150000.3.3.1.s390x.rpm nbd-3.24-150000.3.3.1.ppc64le.rpm nbd-3.24-150000.3.3.1.aarch64.rpm openSUSE-SLE-15.4-2022-1284 moderate SUSE Updates openSUSE-SLE 15.4 This update for golang-packaging fixes the following issues: - Move rpm macros from /etc/rpm to /usr/lib/rpm/macros.d (bsc#1191383). Update to version 15.0.16: * Update CHANGELOG file * Don't throw an error on prep if does not exist. * Enable -buildmode=pie on riscv64 - Update to version 15.0.15: * Only create directories that do not yet exist * filelelist can try to access source_dir independently - Update to version 15.0.14: * Ensure to touch $RPM_BUILD_ROOT only in the various install phases * Add support for riscv64 - Update to version 15.0.13: * Preserve modification time of source files golang-packaging-15.0.16-150000.3.9.1.noarch.rpm golang-packaging-15.0.16-150000.3.9.1.src.rpm openSUSE-SLE-15.4-2022-1263 critical SUSE Updates openSUSE-SLE 15.4 This update for cloud-regionsrv-client fixes the following issues: - Update to version 10.0.3 (bsc#1198389) - Descend into the extension tree even if top level module is recommended - Cache license state for AHB support to detect type switch - Properly clean suse.com credentials when switching from SCC to update infrastructure - New log message to indicate base product registration success cloud-regionsrv-client-10.0.3-150000.6.70.1.noarch.rpm cloud-regionsrv-client-10.0.3-150000.6.70.1.src.rpm cloud-regionsrv-client-addon-azure-1.0.4-150000.6.70.1.noarch.rpm cloud-regionsrv-client-generic-config-1.0.0-150000.6.70.1.noarch.rpm cloud-regionsrv-client-plugin-azure-2.0.0-150000.6.70.1.noarch.rpm cloud-regionsrv-client-plugin-ec2-1.0.2-150000.6.70.1.noarch.rpm cloud-regionsrv-client-plugin-gce-1.0.0-150000.6.70.1.noarch.rpm openSUSE-SLE-15.4-2022-1296 important SUSE Updates openSUSE-SLE 15.4 This update for openjpeg fixes the following issues: - CVE-2018-14423: Fixed division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl,and pi_next_rpcl in lib/openjp3d/pi.c (bsc#1102016). - CVE-2018-16376: Fixed heap-based buffer overflow function t2_encode_packet in lib/openmj2/t2.c (bsc#1106881). - CVE-2020-8112: Fixed a heap buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c (bsc#1162090). - CVE-2020-15389: Fixed a use-after-free if a mix of valid and invalid files in a directory operated on by the decompressor (bsc#1173578). - CVE-2020-27823: Fixed a heap buffer over-write in opj_tcd_dc_level_shift_encode() (bsc#1180457), - CVE-2021-29338: Fixed an integer Overflow allows remote attackers to crash the application (bsc#1184774). libopenjpeg1-1.5.2-150000.4.5.1.x86_64.rpm libopenjpeg1-32bit-1.5.2-150000.4.5.1.x86_64.rpm openjpeg-1.5.2-150000.4.5.1.src.rpm openjpeg-1.5.2-150000.4.5.1.x86_64.rpm openjpeg-devel-1.5.2-150000.4.5.1.x86_64.rpm openjpeg-devel-32bit-1.5.2-150000.4.5.1.x86_64.rpm libopenjpeg1-1.5.2-150000.4.5.1.s390x.rpm openjpeg-1.5.2-150000.4.5.1.s390x.rpm openjpeg-devel-1.5.2-150000.4.5.1.s390x.rpm libopenjpeg1-1.5.2-150000.4.5.1.ppc64le.rpm openjpeg-1.5.2-150000.4.5.1.ppc64le.rpm openjpeg-devel-1.5.2-150000.4.5.1.ppc64le.rpm libopenjpeg1-1.5.2-150000.4.5.1.aarch64.rpm openjpeg-1.5.2-150000.4.5.1.aarch64.rpm openjpeg-devel-1.5.2-150000.4.5.1.aarch64.rpm