SUSE-SLE-Module-Server-Applications-15-SP4-2022-2706
Recommended update for postgresql
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for postgresql fixes the following issues:
- Fix the pg_server_requires macro on older rpm versions (SLE-12)
- Avoid a dependency on awk in postgresql-script.
- Move the dependency of llvmjit-devel on clang and llvm to the
implementation packages where we can depend on the correct
versions.
- Fix postgresql_has_llvm usage
- First round of changes to make it easier to build extensions for
- add postgresql-llvmjit-devel subpackage:
This package will pull in clang and llvm if the distro has a
recent enough version, otherwise it will just pull
postgresql-server-devel.
- add postgresql macros to the postgresql-server-devel package
those cover all the variables from pg_config and some macros
to remove repetition from the spec files
- Bump version to 14. (bsc#1195680)
postgresql-14-150400.4.3.88.src.rpm
postgresql-contrib-14-150400.4.3.88.noarch.rpm
postgresql-devel-14-150400.4.3.88.noarch.rpm
postgresql-docs-14-150400.4.3.88.noarch.rpm
postgresql-plperl-14-150400.4.3.88.noarch.rpm
postgresql-plpython-14-150400.4.3.88.noarch.rpm
postgresql-pltcl-14-150400.4.3.88.noarch.rpm
postgresql-server-14-150400.4.3.88.noarch.rpm
postgresql-server-devel-14-150400.4.3.88.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2561
Security update for mariadb
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for mariadb fixes the following issues:
- Added mariadb-galera (jsc#SLE-22245)
Update to 10.6.8 (bsc#1199928):
- CVE-2021-46669 (bsc#1199928)
- CVE-2022-27376 (bsc#1198628)
- CVE-2022-27377 (bsc#1198603)
- CVE-2022-27378 (bsc#1198604)
- CVE-2022-27379 (bsc#1198605)
- CVE-2022-27380 (bsc#1198606)
- CVE-2022-27381 (bsc#1198607)
- CVE-2022-27382 (bsc#1198609)
- CVE-2022-27383 (bsc#1198610)
- CVE-2022-27384 (bsc#1198611)
- CVE-2022-27386 (bsc#1198612)
- CVE-2022-27387 (bsc#1198613)
- CVE-2022-27444 (bsc#1198634)
- CVE-2022-27445 (bsc#1198629)
- CVE-2022-27446 (bsc#1198630)
- CVE-2022-27447 (bsc#1198631)
- CVE-2022-27448 (bsc#1198632)
- CVE-2022-27449 (bsc#1198633)
- CVE-2022-27451 (bsc#1198639)
- CVE-2022-27452 (bsc#1198640)
- CVE-2022-27455 (bsc#1198638)
- CVE-2022-27456 (bsc#1198635)
- CVE-2022-27457 (bsc#1198636)
- CVE-2022-27458 (bsc#1198637)
- The following issue is not affecting this package: CVE-2022-21427
Update to 10.6.7 (bsc#1196016):
- CVE-2021-46665, CVE-2021-46664, CVE-2021-46661, CVE-2021-46668, CVE-2021-46663
Update to 10.6.6:
- CVE-2022-24052, CVE-2022-24051, CVE-2022-24050, CVE-2022-24048, CVE-2021-46659 (bsc#1195339)
The following issues have been fixed already but didn't have CVE references:
- CVE-2021-46658 (bsc#1195334)
- CVE-2021-46657 (bsc#1195325)
Non security fixes:
- Skip failing tests for s390x, fixes bsc#1195076
External references:
- https://mariadb.com/kb/en/library/mariadb-1068-release-notes
- https://mariadb.com/kb/en/library/mariadb-1068-changelog
- https://mariadb.com/kb/en/library/mariadb-1067-release-notes
- https://mariadb.com/kb/en/library/mariadb-1067-changelog
- https://mariadb.com/kb/en/library/mariadb-1066-release-notes
- https://mariadb.com/kb/en/library/mariadb-1066-changelog
libmariadbd-devel-10.6.8-150400.3.7.1.x86_64.rpm
libmariadbd19-10.6.8-150400.3.7.1.x86_64.rpm
mariadb-10.6.8-150400.3.7.1.src.rpm
mariadb-10.6.8-150400.3.7.1.x86_64.rpm
mariadb-client-10.6.8-150400.3.7.1.x86_64.rpm
mariadb-errormessages-10.6.8-150400.3.7.1.noarch.rpm
mariadb-tools-10.6.8-150400.3.7.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2849
Recommended update for at
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for at fixes the following issues:
- Fixes an issue when an error "Read-only file system" appears when writing to '/dev/kmsg'. (bsc#1196219)
at-3.2.2-150400.4.3.10.src.rpm
at-3.2.2-150400.4.3.10.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-215
Security update for apache2-mod_auth_openidc
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for apache2-mod_auth_openidc fixes the following issues:
- CVE-2022-23527: Fixed open redirect in oidc_validate_redirect_url() using tab character (bsc#1206441).
- CVE-2021-39191: Fixed open redirect issue in target_link_uri parameter (bsc#1190223).
apache2-mod_auth_openidc-2.3.8-150100.3.22.1.src.rpm
apache2-mod_auth_openidc-2.3.8-150100.3.22.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-1875
Recommended update for grpc
low
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for grpc fixes the following issues:
- grpc won't compile on SP4 (bsc#1197726)
- Add conditional to build without python2 if needed
grpc-1.25.0-150200.3.5.1.src.rpm
libgrpc++1-1.25.0-150200.3.5.1.x86_64.rpm
libgrpc8-1.25.0-150200.3.5.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-1868
Recommended update for openwsman
low
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for openwsman fixes the following issue:
- fix FTBFS with newer libcurl in SLE 15-SP4 (bsc#1197792)
libwsman-devel-2.6.7-150000.3.12.2.x86_64.rpm
libwsman3-2.6.7-150000.3.12.2.x86_64.rpm
openwsman-2.6.7-150000.3.12.2.src.rpm
openwsman-server-2.6.7-150000.3.12.2.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-1929
Security update for redis
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for redis fixes the following issues:
- CVE-2022-24735: Fixed Lua code injection (bsc#1198952).
- CVE-2022-24736: Fixed Lua NULL pointer dereference (bsc#1198953).
redis-6.2.6-150400.3.3.7.src.rpm
redis-6.2.6-150400.3.3.7.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-1814
Recommended update for sapconf
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for sapconf fixes the following issues:
Version update from 5.0.3 to 5.0.4:
- Change block device handling to handle multipath devices correctly. Only the DM multipath devices (mpath) will be
used for the settings, but not its paths (bsc#1188743)
- Fixed wrong comparison used for setting force_latency (bsc#1185702)
- SAP Note 1771258 v6 updates nofile values to 1048576 (bsc#1192841)
sapconf-5.0.4-150000.7.21.1.noarch.rpm
sapconf-5.0.4-150000.7.21.1.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2119
Recommended update for salt
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for salt fixes the following issues:
- Make sure SaltCacheLoader uses the correct fileclient (bsc#1199149)
- Fixes for Python 3.10
* Use the same logic in `_compat.py` and `entrypoints.py` to load the same `importlib.metadata.`
salt-3004-150400.8.5.2.src.rpm
salt-api-3004-150400.8.5.2.x86_64.rpm
salt-cloud-3004-150400.8.5.2.x86_64.rpm
salt-fish-completion-3004-150400.8.5.2.noarch.rpm
salt-master-3004-150400.8.5.2.x86_64.rpm
salt-proxy-3004-150400.8.5.2.x86_64.rpm
salt-ssh-3004-150400.8.5.2.x86_64.rpm
salt-standalone-formulas-configuration-3004-150400.8.5.2.x86_64.rpm
salt-syndic-3004-150400.8.5.2.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3195
Recommended update for yast2 packages
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for yast2 packages (rmt, network and schema) fixes the following issues:
yast2-rmt:
- Adapted unit test to recent changes (bsc#1179893).
- Sync ExcludeArch with rmt-server: whenever rmt-server is not
available, the yast2-rmt module is not usable either.
- No longer build as noarch: as the package is not installable on
all architectures, it is by definition not 'architecture
independent'.
- Add rpmlintrc, filtering out "E: no-binary": the package is
intentionally not marked noarch.
yast2-network and yast2-schema:
- Added missing route extrapara element to the networking section (bsc#1201129)
yast2-rmt-1.3.4-150200.3.8.1.src.rpm
yast2-rmt-1.3.4-150200.3.8.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-1824
Recommended update for dhcp
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for dhcp fixes the following issues:
- Properly handle DHCRELAY(6)_OPTIONS (bsc#1198657)
dhcp-4.3.6.P1-150000.6.14.1.src.rpm
dhcp-relay-4.3.6.P1-150000.6.14.1.x86_64.rpm
dhcp-server-4.3.6.P1-150000.6.14.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-1730
Security update for libslirp
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for libslirp fixes the following issues:
- CVE-2021-3592: Fixed invalid pointer initialization that may lead to information disclosure (bootp) (bsc#1187364).
- CVE-2021-3594: Fixed invalid pointer initialization that may lead to information disclosure (udp) (bsc#1187367).
- CVE-2021-3595: Fixed invalid pointer initialization that may lead to information disclosure (tftp) (bsc#1187366).
- Fix a dhcp regression [bsc#1198773]
libslirp-4.3.1-150300.6.2.src.rpm
libslirp-devel-4.3.1-150300.6.2.x86_64.rpm
libslirp0-4.3.1-150300.6.2.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2688
Recommended update for rmt-server
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for rmt-server fixes the following issues:
Version 2.8.0
- Forwarding information of registered systems to SCC more efficiently in batches
- Syncing the systems' most recent last seen timestamps to SCC
- Optional '--no-confirmation' switch to skip user confirmation when cleaning repository data
- Fix "rmt-cli systems list --csv -a" for RMTs with millions of systems (bsc#1191552)
- Enable users with old versions of RMT to sync systems with SCC by default
rmt-server-2.8.0-150400.3.3.1.src.rpm
rmt-server-2.8.0-150400.3.3.1.x86_64.rpm
rmt-server-config-2.8.0-150400.3.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-1900
Recommended update for rabbitmq-c
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for rabbitmq-c fixes the following issues:
- Resolve package build issues (bsc#1198202)
librabbitmq-devel-0.10.0-150300.5.3.1.x86_64.rpm
librabbitmq4-0.10.0-150300.5.3.1.x86_64.rpm
rabbitmq-c-0.10.0-150300.5.3.1.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-1908
Security update for postgresql14
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for postgresql14 fixes the following issues:
- CVE-2022-1552: Confine additional operations within "security restricted operation" sandboxes (bsc#1199475).
libecpg6-14.3-150200.5.12.2.x86_64.rpm
postgresql14-14.3-150200.5.12.1.src.rpm
postgresql14-14.3-150200.5.12.2.src.rpm
postgresql14-contrib-14.3-150200.5.12.2.x86_64.rpm
postgresql14-devel-14.3-150200.5.12.2.x86_64.rpm
postgresql14-docs-14.3-150200.5.12.2.noarch.rpm
postgresql14-plperl-14.3-150200.5.12.2.x86_64.rpm
postgresql14-plpython-14.3-150200.5.12.2.x86_64.rpm
postgresql14-pltcl-14.3-150200.5.12.2.x86_64.rpm
postgresql14-server-14.3-150200.5.12.2.x86_64.rpm
postgresql14-server-devel-14.3-150200.5.12.2.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-1826
Recommended update for nut
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for nut fixes the following issues:
- Fix package build requirements (bsc#1197789)
nut-2.7.4-150000.6.3.1.src.rpm
nut-2.7.4-150000.6.3.1.x86_64.rpm
nut-devel-2.7.4-150000.6.3.1.x86_64.rpm
nut-drivers-net-2.7.4-150000.6.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2545
Recommended update for system-role-common-criteria
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for system-role-common-criteria fixes the following issues:
- Restore UI layout after Common Criteria confirmation (bsc#1194279)
system-role-common-criteria-15.4.1-150400.3.3.1.src.rpm
system-role-common-criteria-15.4.1-150400.3.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2035
Security update for grub2
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for grub2 fixes the following issues:
This update provides security fixes and hardenings for Boothole 3 / Boothole 2022 (bsc#1198581)
- CVE-2021-3695: Fixed that a crafted PNG grayscale image could lead to out-of-bounds write in heap (bsc#1191184)
- CVE-2021-3696: Fixed that a crafted PNG image could lead to out-of-bounds write during Huffman table handling (bsc#1191185)
- CVE-2021-3697: Fixed that a crafted JPEG image could lead to buffer underflow write in the heap (bsc#1191186)
- CVE-2022-28733: Fixed fragmentation math in net/ip (bsc#1198460)
- CVE-2022-28734: Fixed an out-of-bounds write for split http headers (bsc#1198493)
- CVE-2022-28735: Fixed some verifier framework changes (bsc#1198495)
- CVE-2022-28736: Fixed a use-after-free in chainloader command (bsc#1198496)
- Update SBAT security contact (bsc#1193282)
- Bump grub's SBAT generation to 2
- Use boot disks in OpenFirmware, fixing regression caused when the root LV is completely in the boot LUN (bsc#1197948)
grub2-2.06-150400.11.5.2.src.rpm
grub2-x86_64-xen-2.06-150400.11.5.2.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2295
Security update for 389-ds
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for 389-ds fixes the following issues:
- CVE-2021-4091: Fixed double free in psearch (bsc#1195324).
- CVE-2022-1949: Fixed full access control bypass with simple crafted query (bsc#1199889).
389-ds-2.0.15~git26.1ea6a6803-150400.3.5.1.src.rpm
389-ds-2.0.15~git26.1ea6a6803-150400.3.5.1.x86_64.rpm
389-ds-devel-2.0.15~git26.1ea6a6803-150400.3.5.1.x86_64.rpm
lib389-2.0.15~git26.1ea6a6803-150400.3.5.1.x86_64.rpm
libsvrcore0-2.0.15~git26.1ea6a6803-150400.3.5.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3275
Recommended update for python-aiohttp, python-typing_extensions
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for python-aiohttp, python-typing_extensions fixes the following issues:
- Include in SLE-15 (bsc#1197831)
- Fixed required/optional keys with old-style TypedDict
- Test in separate multibuild flavor to break depcycles with full python stdlib
- Clean requirements specifications for python flavors
- Add transitional typing-extensions provides
- Fix tests for Python 3.9
- Official support for Python 3.8 and 3.9
- Fix build without python2 available
- Fix isinstance() with generic protocol subclasses after subscripting
- Fix tests for non-default interpreters
- Use environment marker to specify typing dependency
- Fix unions of protocols on Python 2
python-typing_extensions-3.10.0.0-150400.3.2.1.src.rpm
python3-typing_extensions-3.10.0.0-150400.3.2.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2713
Security update for bind
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for bind fixes the following issues:
- CVE-2021-25219: Fixed flaw that allowed abusing lame cache to severely degrade resolver performance (bsc#1192146).
- CVE-2021-25220: Fixed potentially incorrect answers by cached forwarders (bsc#1197135).
- CVE-2022-0396: Fixed an incorrect handling of TCP connection slots time frame leading to denial of service (bsc#1197136).
The following non-security bugs were fixed:
- Update to release 9.16.31 (jsc#SLE-24600).
- Logrotation broken since dropping chroot (bsc#1200685).
- A non-existent initialization script (e.g. a leftover
"createNamedConfInclude" in /etc/sysconfig/named) may cause named
not to start. A warning message is printed in named.prep and
the fact is ignored.
Also, the return value of a failed script was not handled properly,
so a failed script did not prevent named from starting. This
is now fixed properly.
[bsc#1199044, vendor-files.tar.bz2]
bind-9.16.31-150400.5.6.1.src.rpm
bind-9.16.31-150400.5.6.1.x86_64.rpm
bind-doc-9.16.31-150400.5.6.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2296
Security update for xen
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for xen fixes the following issues:
- CVE-2022-26362: Fixed race condition in typeref acquisition (bsc#1199965)
- CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings (bsc#1199966)
xen-4.16.1_04-150400.4.5.2.src.rpm
xen-4.16.1_04-150400.4.5.2.x86_64.rpm
xen-devel-4.16.1_04-150400.4.5.2.x86_64.rpm
xen-tools-4.16.1_04-150400.4.5.2.x86_64.rpm
xen-tools-xendomains-wait-disk-4.16.1_04-150400.4.5.2.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2260
Security update for qemu
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for qemu fixes the following issues:
- CVE-2022-26354: Fixed missing virtqueue detach on error that can lead to memory leak (bsc#1198712)
- CVE-2022-26353: Fixed map leaking on error during receive (bsc#1198711)
- CVE-2021-4207: Fixed double fetch in qxl_cursor() that can lead to heap buffer overflow (bsc#1198037)
- CVE-2021-4206: Fixed integer overflow in cursor_alloc() that can lead to heap buffer overflow (bsc#1198035)
qemu-6.2.0-150400.37.5.3.src.rpm
qemu-6.2.0-150400.37.5.3.x86_64.rpm
qemu-accel-tcg-x86-6.2.0-150400.37.5.3.x86_64.rpm
qemu-audio-alsa-6.2.0-150400.37.5.3.x86_64.rpm
qemu-audio-pa-6.2.0-150400.37.5.3.x86_64.rpm
qemu-audio-spice-6.2.0-150400.37.5.3.x86_64.rpm
qemu-block-curl-6.2.0-150400.37.5.3.x86_64.rpm
qemu-block-iscsi-6.2.0-150400.37.5.3.x86_64.rpm
qemu-block-rbd-6.2.0-150400.37.5.3.x86_64.rpm
qemu-block-ssh-6.2.0-150400.37.5.3.x86_64.rpm
qemu-chardev-baum-6.2.0-150400.37.5.3.x86_64.rpm
qemu-chardev-spice-6.2.0-150400.37.5.3.x86_64.rpm
qemu-guest-agent-6.2.0-150400.37.5.3.x86_64.rpm
qemu-hw-display-qxl-6.2.0-150400.37.5.3.x86_64.rpm
qemu-hw-display-virtio-gpu-6.2.0-150400.37.5.3.x86_64.rpm
qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.5.3.x86_64.rpm
qemu-hw-display-virtio-vga-6.2.0-150400.37.5.3.x86_64.rpm
qemu-hw-usb-host-6.2.0-150400.37.5.3.x86_64.rpm
qemu-hw-usb-redirect-6.2.0-150400.37.5.3.x86_64.rpm
qemu-ipxe-1.0.0+-150400.37.5.3.noarch.rpm
qemu-ksm-6.2.0-150400.37.5.3.x86_64.rpm
qemu-kvm-6.2.0-150400.37.5.3.x86_64.rpm
qemu-lang-6.2.0-150400.37.5.3.x86_64.rpm
qemu-ui-curses-6.2.0-150400.37.5.3.x86_64.rpm
qemu-ui-gtk-6.2.0-150400.37.5.3.x86_64.rpm
qemu-ui-opengl-6.2.0-150400.37.5.3.x86_64.rpm
qemu-ui-spice-app-6.2.0-150400.37.5.3.x86_64.rpm
qemu-ui-spice-core-6.2.0-150400.37.5.3.x86_64.rpm
qemu-x86-6.2.0-150400.37.5.3.x86_64.rpm
qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.5.3.noarch.rpm
qemu-sgabios-8-150400.37.5.3.noarch.rpm
qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.5.3.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2297
Security update for python-Twisted
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for python-Twisted fixes the following issues:
- CVE-2022-21716: Fixed that ssh server accepts an infinite amount of data using all the available memory (bsc#1196739).
python-Twisted-22.2.0-150400.5.4.1.src.rpm
python3-Twisted-22.2.0-150400.5.4.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2655
Security update for postgresql-jdbc
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for postgresql-jdbc fixes the following issues:
- CVE-2022-26520: Fixed arbitrary file write vulnerability (bsc#1197356)
postgresql-jdbc-42.2.25-150400.3.3.2.noarch.rpm
postgresql-jdbc-42.2.25-150400.3.3.2.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2302
Security update for apache2
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for apache2 fixes the following issues:
- CVE-2022-26377: Fixed possible request smuggling in mod_proxy_ajp (bsc#1200338)
- CVE-2022-28614: Fixed read beyond bounds via ap_rwrite() (bsc#1200340)
- CVE-2022-28615: Fixed read beyond bounds in ap_strcmp_match() (bsc#1200341)
- CVE-2022-29404: Fixed denial of service in mod_lua r:parsebody (bsc#1200345)
- CVE-2022-30556: Fixed information disclosure in mod_lua with websockets (bsc#1200350)
- CVE-2022-30522: Fixed mod_sed denial of service (bsc#1200352)
- CVE-2022-31813: Fixed mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism (bsc#1200348)
apache2-2.4.51-150400.6.3.1.src.rpm
apache2-devel-2.4.51-150400.6.3.1.x86_64.rpm
apache2-doc-2.4.51-150400.6.3.1.noarch.rpm
apache2-worker-2.4.51-150400.6.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2395
Security update for virglrenderer
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for virglrenderer fixes the following issues:
- CVE-2022-0135: Fix OOB in read_transfer_data. (bsc#1195389)
libvirglrenderer1-0.9.1-150400.3.3.1.x86_64.rpm
virglrenderer-0.9.1-150400.3.3.1.src.rpm
virglrenderer-devel-0.9.1-150400.3.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2880
Security update for dpdk
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update of dpdk fixes the following issues:
- Fix to read PCI device name as UTF strings (bsc#1198873)
- Allow configuring thread granularity of Kernel NIC Interface (bsc#1195172)
- Rebuild with new secure boot key due to grub2 boothole 3 issues (bsc#1198581)
dpdk-19.11.10-150400.4.4.1.src.rpm
dpdk-19.11.10-150400.4.4.1.x86_64.rpm
dpdk-devel-19.11.10-150400.4.4.1.x86_64.rpm
dpdk-kmp-default-19.11.10_k5.14.21_150400.24.11-150400.4.4.1.x86_64.rpm
dpdk-tools-19.11.10-150400.4.4.1.x86_64.rpm
libdpdk-20_0-19.11.10-150400.4.4.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2657
Security update for oracleasm
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update of oracleasm fixes the following issue:
- rebuild with new secure boot key due to grub2 boothole 3 issues (bsc#1198581)
oracleasm-2.0.8-150400.25.2.8.src.rpm
oracleasm-kmp-default-2.0.8_k5.14.21_150400.24.11-150400.25.2.8.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2304
Security update for salt
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for salt fixes the following issues:
- CVE-2022-22967: Fixed missing check for PAM_ACCT_MGM return value that could be used to bypass authentication when using PAM (bsc#1200566)
salt-3004-150400.8.8.1.src.rpm
salt-api-3004-150400.8.8.1.x86_64.rpm
salt-cloud-3004-150400.8.8.1.x86_64.rpm
salt-fish-completion-3004-150400.8.8.1.noarch.rpm
salt-master-3004-150400.8.8.1.x86_64.rpm
salt-proxy-3004-150400.8.8.1.x86_64.rpm
salt-ssh-3004-150400.8.8.1.x86_64.rpm
salt-standalone-formulas-configuration-3004-150400.8.8.1.x86_64.rpm
salt-syndic-3004-150400.8.8.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2359
Security update for squid
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for squid fixes the following issues:
- CVE-2021-46784: Fixed DoS when processing gopher server responses. (bsc#1200907)
- Update to 5.6:
- Improve handling of Gopher responses
- Changes in 5.5:
- fixes regression Bug 5192: esi_parser default is incorrect
- Bug 5177: clientca certificates sent to https_port clients
- Bug 5090: Must(!request->pinnedConnection()) violation
- Kid restart leads to persistent queue overflows, delays/timeouts
squid-5.6-150400.3.3.1.src.rpm
squid-5.6-150400.3.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2426
Recommended update for rsyslog
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for rsyslog fixes the following issues:
- Remove inotify watch descriptor in imfile on inode change detected (bsc#1198939)
rsyslog-8.2106.0-150400.5.3.1.src.rpm
rsyslog-module-gssapi-8.2106.0-150400.5.3.1.x86_64.rpm
rsyslog-module-gtls-8.2106.0-150400.5.3.1.x86_64.rpm
rsyslog-module-mmnormalize-8.2106.0-150400.5.3.1.x86_64.rpm
rsyslog-module-mysql-8.2106.0-150400.5.3.1.x86_64.rpm
rsyslog-module-pgsql-8.2106.0-150400.5.3.1.x86_64.rpm
rsyslog-module-relp-8.2106.0-150400.5.3.1.x86_64.rpm
rsyslog-module-snmp-8.2106.0-150400.5.3.1.x86_64.rpm
rsyslog-module-udpspoof-8.2106.0-150400.5.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2581
Security update for libguestfs
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for libguestfs fixes the following issues:
- CVE-2022-2211: Fixed a buffer overflow in get_keys (bsc#1201064).
guestfs-data-1.44.2-150400.3.3.1.x86_64.rpm
guestfs-tools-1.44.2-150400.3.3.1.x86_64.rpm
guestfs-winsupport-1.44.2-150400.3.3.1.x86_64.rpm
guestfsd-1.44.2-150400.3.3.1.x86_64.rpm
libguestfs-1.44.2-150400.3.3.1.src.rpm
libguestfs-devel-1.44.2-150400.3.3.1.x86_64.rpm
libguestfs0-1.44.2-150400.3.3.1.x86_64.rpm
perl-Sys-Guestfs-1.44.2-150400.3.3.1.x86_64.rpm
python3-libguestfs-1.44.2-150400.3.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2447
Recommended update for virt-manager
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for virt-manager fixes the following issues:
- Add support for AMD Secure Encrypted Virtualization-Encrypted State (SEV-ES) (bsc#1196806, jsc#SLE-18732)
- Add firmware features to description tooltip when mouse hovers over the selected firmware file
- SLES 15 SP4 GMC --os-variant tag shouldn't be mandatory on s390x (bsc#1200691, bsc#1200422)
- Make package xorriso a required dependency
virt-install-4.0.0-150400.3.3.1.noarch.rpm
virt-manager-4.0.0-150400.3.3.1.noarch.rpm
virt-manager-4.0.0-150400.3.3.1.src.rpm
virt-manager-common-4.0.0-150400.3.3.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2448
Security update for dovecot23
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for dovecot23 fixes the following issues:
- CVE-2022-30550: Fixed privilege escalation in dovecot when similar master and non-master passdbs are used (bsc#1201267).
dovecot23-2.3.15-150200.62.1.src.rpm
dovecot23-2.3.15-150200.62.1.x86_64.rpm
dovecot23-backend-mysql-2.3.15-150200.62.1.x86_64.rpm
dovecot23-backend-pgsql-2.3.15-150200.62.1.x86_64.rpm
dovecot23-backend-sqlite-2.3.15-150200.62.1.x86_64.rpm
dovecot23-devel-2.3.15-150200.62.1.x86_64.rpm
dovecot23-fts-2.3.15-150200.62.1.x86_64.rpm
dovecot23-fts-lucene-2.3.15-150200.62.1.x86_64.rpm
dovecot23-fts-solr-2.3.15-150200.62.1.x86_64.rpm
dovecot23-fts-squat-2.3.15-150200.62.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2626
Recommended update for openCryptoki
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for openCryptoki fixes the following issues:
- Add the installation of the configuration file p11sak_defined_attrs.conf (bsc#1199862)
openCryptoki-3.17.0-150400.4.3.1.src.rpm
openCryptoki-3.17.0-150400.4.3.1.x86_64.rpm
openCryptoki-devel-3.17.0-150400.4.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3199
Security update for yast2-samba-provision
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for yast2-samba-provision fixes the following issues:
Security issue fixed:
- CVE-2018-17956: Fixed a credentials leak (bsc#1117597).
Non-Security issues fixed:
- Stop packaging docdir, it only contained the license which is now in licensedir. (bsc#1184897)
- Catch and show internal python exceptions. (bsc#1140548)
- Show a dialog with provision details or errors. (bsc#1132676)
- Add metainfo (fate#319035)
yast2-samba-provision-1.0.5-150400.9.3.3.noarch.rpm
yast2-samba-provision-1.0.5-150400.9.3.3.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2597
Security update for xen
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for xen fixes the following issues:
- CVE-2022-26363, CVE-2022-26364: Fixed insufficient care with non-coherent mappings (XSA-402) (bsc#1199966).
- CVE-2022-21123, CVE-2022-21125, CVE-2022-21166: Fixed MMIO stale data vulnerabilities on x86 (XSA-404) (bsc#1200549).
- CVE-2022-26362: Fixed a race condition in typeref acquisition (XSA-401) (bsc#1199965).
- CVE-2022-33745: Fixed insufficient TLB flush for x86 PV guests in shadow mode (XSA-408) (bsc#1201394).
- CVE-2022-23816, CVE-2022-23825, CVE-2022-29900: Fixed RETBLEED vulnerability, arbitrary speculative code execution with return instructions (XSA-407) (bsc#1201469).
Fixed several upstream bugs (bsc#1027519).
xen-4.16.1_06-150400.4.8.1.src.rpm
xen-4.16.1_06-150400.4.8.1.x86_64.rpm
xen-devel-4.16.1_06-150400.4.8.1.x86_64.rpm
xen-tools-4.16.1_06-150400.4.8.1.x86_64.rpm
xen-tools-xendomains-wait-disk-4.16.1_06-150400.4.8.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2989
Security update for postgresql14
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for postgresql14 fixes the following issues:
- Upgrade to version 14.5:
- CVE-2022-2625: Fixed an issue where extension scripts would replace objects not belonging to that extension (bsc#1202368).
- Upgrade to version 14.4 (bsc#1200437)
- Release notes: https://www.postgresql.org/docs/release/14.4/
- Release announcement: https://www.postgresql.org/about/news/p-2470/
- Prevent possible corruption of indexes created or rebuilt with the CONCURRENTLY option (bsc#1200437)
- Pin to llvm13 until the next patchlevel update (bsc#1198166)
libecpg6-14.5-150200.5.17.1.x86_64.rpm
postgresql14-14.5-150200.5.17.1.src.rpm
postgresql14-contrib-14.5-150200.5.17.1.x86_64.rpm
postgresql14-devel-14.5-150200.5.17.1.x86_64.rpm
postgresql14-docs-14.5-150200.5.17.1.noarch.rpm
postgresql14-plperl-14.5-150200.5.17.1.x86_64.rpm
postgresql14-plpython-14.5-150200.5.17.1.x86_64.rpm
postgresql14-pltcl-14.5-150200.5.17.1.x86_64.rpm
postgresql14-server-14.5-150200.5.17.1.x86_64.rpm
postgresql14-server-devel-14.5-150200.5.17.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3258
Recommended update for sca-appliance-broker
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for sca-appliance-broker fixes the following issues:
- Update setup-sca checks for php8 (bsc#1201011)
sca-appliance-broker-1.3.2-150300.3.3.1.noarch.rpm
sca-appliance-broker-1.3.2-150300.3.3.1.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2977
Recommended update for util-linux
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for util-linux fixes the following issues:
- agetty: Resolve tty name even if stdin is specified (bsc#1197178)
- libmount: When moving a mount point, update all sub mount entries in utab (bsc#1198731)
util-linux-systemd-2.37.2-150400.8.3.1.src.rpm
uuidd-2.37.2-150400.8.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3009
Recommended update for rsyslog
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for rsyslog fixes the following issues:
- Fix memory access violation issue in qDeqLinkedList during shutdown (bsc#1199283)
rsyslog-8.2106.0-150400.5.6.1.src.rpm
rsyslog-module-gssapi-8.2106.0-150400.5.6.1.x86_64.rpm
rsyslog-module-gtls-8.2106.0-150400.5.6.1.x86_64.rpm
rsyslog-module-mmnormalize-8.2106.0-150400.5.6.1.x86_64.rpm
rsyslog-module-mysql-8.2106.0-150400.5.6.1.x86_64.rpm
rsyslog-module-pgsql-8.2106.0-150400.5.6.1.x86_64.rpm
rsyslog-module-relp-8.2106.0-150400.5.6.1.x86_64.rpm
rsyslog-module-snmp-8.2106.0-150400.5.6.1.x86_64.rpm
rsyslog-module-udpspoof-8.2106.0-150400.5.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2941
Security update for libslirp
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for libslirp fixes the following issues:
- CVE-2021-3593: Fixed invalid pointer initialization that may lead to information disclosure (udp6) (bsc#1187365).
Non-security fixes:
- Fix the version header (bsc#1201551)
libslirp-4.3.1-150300.11.1.src.rpm
libslirp-devel-4.3.1-150300.11.1.x86_64.rpm
libslirp0-4.3.1-150300.11.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3188
Recommended update for salt
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This recommended update for salt fixes the following issues:
- Add support for gpgautoimport in zypperpkg module
- Update Salt to work with Jinja >= and <= 3.1.0 (bsc#1198744)
- Fix salt.states.file.managed() for follow_symlinks=True and test=True (bsc#1199372)
- Make Salt 3004 compatible with pyzmq >= 23.0.0 (bsc#1201082)
- Add support for name, pkgs and diff_attr parameters to upgrade function for zypper and yum (bsc#1198489)
- Fix ownership of salt thin directory when using the Salt Bundle
- Set default target for pip from VENV_PIP_TARGET environment variable
- Normalize package names once with pkg.installed/removed using yum (bsc#1195895)
- Save log to logfile with docker.build
- Use Salt Bundle in dockermod
- Ignore errors on reading license files with dpkg_lowpkg (bsc#1197288)
salt-3004-150400.8.11.1.src.rpm
salt-api-3004-150400.8.11.1.x86_64.rpm
salt-cloud-3004-150400.8.11.1.x86_64.rpm
salt-fish-completion-3004-150400.8.11.1.noarch.rpm
salt-master-3004-150400.8.11.1.x86_64.rpm
salt-proxy-3004-150400.8.11.1.x86_64.rpm
salt-ssh-3004-150400.8.11.1.x86_64.rpm
salt-standalone-formulas-configuration-3004-150400.8.11.1.x86_64.rpm
salt-syndic-3004-150400.8.11.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3286
Security update for 389-ds
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for 389-ds fixes the following issues:
- CVE-2022-2850: Fixed an application crash when running a sync_repl client that could be triggered via a malformed cookie (bsc#1202470).
Non-security fixes:
- Update to version 2.0.16~git20.219f047ae:
* Fix missing 'not' in description
* CI - makes replication/acceptance_test.py::test_modify_entry more robust
* fix repl keep alive event interval
* Sync_repl may crash while managing invalid cookie
* Hostname when set to localhost causing failures in other tests
* lib389 - do not set backend name to lowercase
* keep alive update event starts too soon
* Fix various memory leaks
* UI - LDAP Editor is not updated when we switch instances
* Supplier should do periodic updates
- Update sudoers schema to support UTF-8 (bsc#1197998)
- Update to version 2.0.16~git9.e2a858a86:
* UI - Various fixes and RFE's for UI
* Remove problematic language from source code
* CI - disable TLS hostname checking
* Update npm and cargo packages
* Support ECDSA private keys for TLS
389-ds-2.0.16~git20.219f047ae-150400.3.10.1.src.rpm
389-ds-2.0.16~git20.219f047ae-150400.3.10.1.x86_64.rpm
389-ds-devel-2.0.16~git20.219f047ae-150400.3.10.1.x86_64.rpm
lib389-2.0.16~git20.219f047ae-150400.3.10.1.x86_64.rpm
libsvrcore0-2.0.16~git20.219f047ae-150400.3.10.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3261
Recommended update for openCryptoki
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for openCryptoki fixes the following issues:
- Fix C_GetMechanismList returning CKR_BUFFER_TOO_SMALL in the EP11 token (bsc#1202028)
openCryptoki-3.17.0-150400.4.6.1.src.rpm
openCryptoki-3.17.0-150400.4.6.1.x86_64.rpm
openCryptoki-devel-3.17.0-150400.4.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-2922
Security update for libyang
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for libyang fixes the following issues:
- CVE-2021-28905: Fixed a reachable assertion which could be exploited
by an attacker to cause a denial of service (bsc#1186377).
libyang-1.0.184-150300.3.3.1.src.rpm
libyang-extentions-1.0.184-150300.3.3.1.x86_64.rpm
libyang1-1.0.184-150300.3.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3099
Security update for openvswitch
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for openvswitch fixes the following issues:
- CVE-2021-36980: Fixed a use-after-free issue during the decoding of
a RAW_ENCAP action (bsc#1188524).
libopenvswitch-2_14-0-2.14.2-150400.24.3.1.x86_64.rpm
libovn-20_06-0-20.06.2-150400.24.3.1.x86_64.rpm
openvswitch-2.14.2-150400.24.3.1.src.rpm
openvswitch-2.14.2-150400.24.3.1.x86_64.rpm
openvswitch-devel-2.14.2-150400.24.3.1.x86_64.rpm
openvswitch-ipsec-2.14.2-150400.24.3.1.x86_64.rpm
openvswitch-pki-2.14.2-150400.24.3.1.x86_64.rpm
openvswitch-test-2.14.2-150400.24.3.1.x86_64.rpm
openvswitch-vtep-2.14.2-150400.24.3.1.x86_64.rpm
ovn-20.06.2-150400.24.3.1.x86_64.rpm
ovn-central-20.06.2-150400.24.3.1.x86_64.rpm
ovn-devel-20.06.2-150400.24.3.1.x86_64.rpm
ovn-docker-20.06.2-150400.24.3.1.x86_64.rpm
ovn-host-20.06.2-150400.24.3.1.x86_64.rpm
ovn-vtep-20.06.2-150400.24.3.1.x86_64.rpm
python3-ovs-2.14.2-150400.24.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3481
Recommended update for libvirt
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for libvirt fixes the following issues:
- spec: Include aarch64 in the list of architectures that 'Require' dmidecode (bsc#1202608)
- qemu: Support memory allocation threads (bsc#1197084)
libvirt-7.1.0-150300.6.35.2.src.rpm
libvirt-bash-completion-7.1.0-150300.6.35.2.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3159
Security update for mariadb
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for mariadb fixes the following issues:
- Updated to 10.6.9:
- CVE-2022-32082: Fixed a reachable assertion that would crash the server (bsc#1201162).
- CVE-2022-32089: Fixed a segmentation fault that could be triggered via a crafted query (bsc#1201169).
- CVE-2022-32081: Fixed a buffer overflow on instant ADD/DROP of generated column (bsc#1201161).
- CVE-2022-32091: Fixed a memory corruption issue that could be triggered via a crafted query (bsc#1201170).
- CVE-2022-32084: Fixed a segmentation fault on INSERT SELECT queries (bsc#1201164).
- Additionally, the following issues were previously fixed:
- CVE-2022-32088: Fixed a server crash when using ORDER BY with window function and UNION (bsc#1201168).
- CVE-2022-32087: Fixed a segmentation fault that could be triggered via a crafted query (bsc#1201167).
- CVE-2022-32086: Fixed a server crash on INSERT SELECT queries (bsc#1201166).
- CVE-2022-32085: Fixed a segmentation fault that could be triggered via a crafted query (bsc#1201165).
- CVE-2022-32083: Fixed a segmentation fault that could be triggered via a crafted query (bsc#1201163).
Bugfixes:
- Update mysql-systemd-helper to be aware of custom group (bsc#1200105).
libmariadbd-devel-10.6.9-150400.3.12.1.x86_64.rpm
libmariadbd19-10.6.9-150400.3.12.1.x86_64.rpm
mariadb-10.6.9-150400.3.12.1.src.rpm
mariadb-10.6.9-150400.3.12.1.x86_64.rpm
mariadb-client-10.6.9-150400.3.12.1.x86_64.rpm
mariadb-errormessages-10.6.9-150400.3.12.1.noarch.rpm
mariadb-tools-10.6.9-150400.3.12.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4308
Security update for virt-v2v
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for virt-v2v fixes the following issues:
- CVE-2022-2211: Fixed buffer overflow in get_keys (bsc#1201064).
virt-v2v-1.44.2-150400.3.3.1.src.rpm
virt-v2v-1.44.2-150400.3.3.1.x86_64.rpm
virt-v2v-bash-completion-1.44.2-150400.3.3.1.noarch.rpm
virt-v2v-man-pages-ja-1.44.2-150400.3.3.1.noarch.rpm
virt-v2v-man-pages-uk-1.44.2-150400.3.3.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3245
Security update for libyang
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for libyang fixes the following issues:
- CVE-2021-28906: Fixed missing check in read_yin_leaf that can lead to DoS (bsc#1186378)
- CVE-2021-28904: Fixed missing check in ext_get_plugin that can lead to DoS (bsc#1186376).
- CVE-2021-28903: Fixed stack overflow in lyxml_parse_mem (bsc#1186375).
- CVE-2021-28902: Fixed missing check in read_yin_container that can lead to DoS (bsc#1186374).
libyang-1.0.184-150300.3.6.1.src.rpm
libyang-extentions-1.0.184-150300.3.6.1.x86_64.rpm
libyang1-1.0.184-150300.3.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3246
Security update for frr
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for frr fixes the following issues:
- CVE-2022-37032: Fixed out-of-bounds read in the BGP daemon that may lead to information disclosure or denial of service (bsc#1202023).
- CVE-2019-25074: Fixed a memory leak in the IS-IS daemon that may lead to server memory exhaustion (bsc#1202022).
frr-7.4-150300.4.7.1.src.rpm
frr-7.4-150300.4.7.1.x86_64.rpm
frr-devel-7.4-150300.4.7.1.x86_64.rpm
libfrr0-7.4-150300.4.7.1.x86_64.rpm
libfrr_pb0-7.4-150300.4.7.1.x86_64.rpm
libfrrcares0-7.4-150300.4.7.1.x86_64.rpm
libfrrfpm_pb0-7.4-150300.4.7.1.x86_64.rpm
libfrrgrpc_pb0-7.4-150300.4.7.1.x86_64.rpm
libfrrospfapiclient0-7.4-150300.4.7.1.x86_64.rpm
libfrrsnmp0-7.4-150300.4.7.1.x86_64.rpm
libfrrzmq0-7.4-150300.4.7.1.x86_64.rpm
libmlag_pb0-7.4-150300.4.7.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3767
Recommended update for bind
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for bind fixes the following issues:
Update to release 9.16.33:
- CVE-2022-2795: Fixed potential performance degradation due to missing database lookup limits when processing large delegations (bsc#1203614).
- CVE-2022-3080: Fixed assertion failure when there was a stale CNAME in the cache for the incoming query and the stale-answer-client-timeout option is set to 0 (bsc#1203618).
- CVE-2022-38177: Fixed a memory leak that could be externally triggered in the DNSSEC verification code for the ECDSA algorithm (bsc#1203619).
- CVE-2022-38178: Fixed memory leaks that could be externally triggered in the DNSSEC verification code for the EdDSA algorithm (bsc#1203620).
- Add systemd drop-in directory for named service (bsc#1201689).
- Add modified createNamedConfInclude script and README-bind.chrootenv (bsc#1203250).
- Feature Changes:
- Response Rate Limiting (RRL) code now treats all QNAMEs that are
subject to wildcard processing within a given zone as the same
name, to prevent circumventing the limits enforced by RRL.
- Zones using dnssec-policy now require dynamic DNS or
inline-signing to be configured explicitly.
- A backward-compatible approach was implemented for encoding
internationalized domain names (IDN) in dig and converting the
domain to IDNA2008 form; if that fails,
BIND tries an IDNA2003 conversion.
- The DNSSEC algorithms RSASHA1 and NSEC3RSASHA1 are now automatically
disabled on systems where they are disallowed by the security policy.
Primary zones using those algorithms need to be migrated to new algorithms
prior to running on these systems, as graceful migration to different DNSSEC
algorithms is not possible when RSASHA1 is disallowed by the operating system.
- Log messages related to fetch limiting have been improved to provide
more complete information. Specifically, the final counts of allowed
and spilled fetches are now logged before the counter object is destroyed.
- Non-dynamic zones that inherit dnssec-policy from the view or options
blocks were not marked as inline-signed and therefore never scheduled
to be re-signed. This has been fixed.
- The old max-zone-ttl zone option was meant to be superseded by
the max-zone-ttl option in dnssec-policy; however, the latter option
was not fully effective. This has been corrected: zones no longer load
if they contain TTLs greater than the limit configured in dnssec-policy.
For zones with both the old max-zone-ttl option and dnssec-policy
configured, the old option is ignored, and a warning is generated.
- rndc dumpdb -expired was fixed to include expired RRsets,
even if stale-cache-enable is set to no and the cache-cleaning time
window has passed. (jsc#SLE-24600)
bind-9.16.33-150400.5.11.1.src.rpm
bind-9.16.33-150400.5.11.1.x86_64.rpm
bind-doc-9.16.33-150400.5.11.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4019
Recommended update for apparmor
low
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for apparmor fixes the following issues:
- profiles: permit php-fpm pid files directly under run/ (bsc#1202344)
apache2-mod_apparmor-3.0.4-150400.5.3.1.x86_64.rpm
apparmor-3.0.4-150400.5.3.1.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3667
Security update for clone-master-clean-up
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for clone-master-clean-up fixes the following issues:
- CVE-2021-32000: Fixed some potentially dangerous file system operations (bsc#1181050).
Bugfixes:
- Fixed clone-master-clean-up failing to remove btrfs snapshots (bsc#1203651).
clone-master-clean-up-1.8-150100.3.14.1.noarch.rpm
clone-master-clean-up-1.8-150100.3.14.1.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3341
Security update for dpdk
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for dpdk fixes the following issues:
- CVE-2022-2132: Fixed DoS when a vhost header crosses more than two descriptors and exhausts all mbufs (bsc#1202903).
- CVE-2022-28199: Fixed buffer overflow in the vhost code (bsc#1202956).
dpdk-19.11.10-150400.4.7.1.src.rpm
dpdk-19.11.10-150400.4.7.1.x86_64.rpm
dpdk-devel-19.11.10-150400.4.7.1.x86_64.rpm
dpdk-kmp-default-19.11.10_k5.14.21_150400.24.18-150400.4.7.1.x86_64.rpm
dpdk-tools-19.11.10-150400.4.7.1.x86_64.rpm
libdpdk-20_0-19.11.10-150400.4.7.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3588
Recommended update for rmt-server
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for rmt-server fixes the following issues:
- Implement `System-Token` header handling to improve unique system reporting.
- Add --proxy-byos flag to rmt-cli systems command to filter BYOS systems using RMT as a proxy
- Retry failed http requests automatically (bsc#1197405, bsc#1188578, bsc#1198721, bsc#1199961)
- Improved rmt-client-setup-res script for CentOS8.x and RHEL/RES8.x (bsc#1197038)
rmt-server-2.9-150400.3.6.1.src.rpm
rmt-server-2.9-150400.3.6.1.x86_64.rpm
rmt-server-config-2.9-150400.3.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3811
Recommended update for ovmf
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for ovmf fixes the following issues:
- Disable option ROM on sev (bsc#1199156)
- Fix detection issue of NVME controller (bsc#1203825)
ovmf-202202-150400.5.5.1.src.rpm
ovmf-202202-150400.5.5.1.x86_64.rpm
ovmf-tools-202202-150400.5.5.1.x86_64.rpm
qemu-ovmf-x86_64-202202-150400.5.5.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3685
Optional update for monitoring-plugins and its dependencies
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This optional update for monitoring-plugins and its dependencies provides:
freeradius-client:
- Deliver missing freeradius-client to SUSE Package Hub 15 SP4 and solve migration issues from 15 SP3. (ijsc#MSC-399)
- There are NO code changes.
monitoring-plugins:
- Deliver missing monitoring plugins to SUSE Package Hub 15 SP4 and solve migration issues from 15 SP3. (ijsc#MSC-399)
- There are NO code changes.
perl-Crypt-DES:
- Deliver missing perl-Crypt-DES to SUSE Package Hub 15 SP4 and solve migration issues from 15 SP3. (ijsc#MSC-399)
- There are NO code changes.
perl-Crypt-Rijndael:
- Deliver missing perl-Crypt-Rijndael to SUSE Package Hub 15 SP4 and solve migration issues from 15 SP3. (ijsc#MSC-399)
- There are NO code changes.
perl-Net-SNMP:
- Deliver missing perl-Net-SNMP to SUSE Package Hub 15 SP4 and solve migration issues from 15 SP3. (ijsc#MSC-399)
- There are NO code changes.
freeradius-client-1.1.7-150400.14.2.1.src.rpm
freeradius-client-1.1.7-150400.14.2.1.x86_64.rpm
freeradius-client-devel-1.1.7-150400.14.2.1.x86_64.rpm
freeradius-client-libs-1.1.7-150400.14.2.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3320
Security update for vsftpd
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for vsftpd fixes the following issues:
- CVE-2021-3618: Enforced security checks against ALPACA attack (bsc#1187678, bsc#1187686, PM-3322).
Bugfixes:
- Fixed a seccomp failure in FIPS mode when SSL was enabled (bsc#1052900).
- Allowed wait4() to be called so that the broker can wait for its child processes (bsc#1021387).
- Allowed sendto() syscall when /dev/log support is enabled (bsc#786024).
vsftpd-3.0.5-150400.3.3.1.src.rpm
vsftpd-3.0.5-150400.3.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3437
Recommended update for mariadb-galera
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This recommended update for mariadb-galera provides:
- Deliver missing mariadb-galera to SUSE Linux Enterprise 15 Service Pack 4 PackageHub
- There are NO code changes
libmariadbd-devel-10.6.9-150400.3.14.1.x86_64.rpm
libmariadbd19-10.6.9-150400.3.14.1.x86_64.rpm
mariadb-10.6.9-150400.3.14.1.src.rpm
mariadb-10.6.9-150400.3.14.1.x86_64.rpm
mariadb-client-10.6.9-150400.3.14.1.x86_64.rpm
mariadb-errormessages-10.6.9-150400.3.14.1.noarch.rpm
mariadb-tools-10.6.9-150400.3.14.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4370
Recommended update for rsyslog
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for rsyslog fixes the following issues:
- Parsing of legacy config syntax (bsc#1205275)
- Remove $klogConsoleLogLevel setting from rsyslog.conf as this legacy setting from pre-systemd times is obsolete and
can block important systemd messages (bsc#1191833)
rsyslog-8.2106.0-150400.5.11.1.src.rpm
rsyslog-module-gssapi-8.2106.0-150400.5.11.1.x86_64.rpm
rsyslog-module-gtls-8.2106.0-150400.5.11.1.x86_64.rpm
rsyslog-module-mmnormalize-8.2106.0-150400.5.11.1.x86_64.rpm
rsyslog-module-mysql-8.2106.0-150400.5.11.1.x86_64.rpm
rsyslog-module-pgsql-8.2106.0-150400.5.11.1.x86_64.rpm
rsyslog-module-relp-8.2106.0-150400.5.11.1.x86_64.rpm
rsyslog-module-snmp-8.2106.0-150400.5.11.1.x86_64.rpm
rsyslog-module-udpspoof-8.2106.0-150400.5.11.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4387
Recommended update for libteam
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for libteam fixes the following issues:
- Set ports priority to local and kernel configurations (bsc#1200505)
libteam-1.27-150000.4.6.1.src.rpm
libteam-tools-1.27-150000.4.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3845
Feature update for grub2
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This feature update for grub2 fixes the following issues:
- Include loopback into signed grub2 image (jsc#PED-2151, jsc#PED-2150)
- Enable "Automatic TPM Disk Unlock" mechanism (jsc#PED-1423, jsc#PED-1091, bsc#1196668)
- Fix installation failure due to unavailable nvram device on ppc64le (bsc#1201361)
grub2-2.06-150400.11.12.1.src.rpm
grub2-x86_64-xen-2.06-150400.11.12.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3974
Recommended update for util-linux
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for util-linux fixes the following issues:
- Fix file conflict during upgrade (bsc#1204211)
- libuuid improvements (bsc#1201959, PED-1150):
libuuid: Fix range when parsing UUIDs.
Improve cache handling for short running applications - increment the cache size over runtime.
Implement continuous clock handling for time based UUIDs.
Check clock value from clock file to provide seamless libuuid.
util-linux-systemd-2.37.2-150400.8.8.1.src.rpm
uuidd-2.37.2-150400.8.8.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3748
Recommended update for salt
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for salt fixes the following issues:
- Add Amazon EC2 detection for virtual grains (bsc#1195624)
- Change the delimiters to prevent possible tracebacks on some packages with dpkg_lowpkg
- Fix 'test_ipc' unit test
- Fix Syndic authentication errors (bsc#1199562)
- Fix state.apply in test mode with file state module on user/group checking (bsc#1202167)
- Fix the regression in schedule module released in version 3004 (bsc#1202631)
- Handle non-UTF-8 bytes in core grains generation (bsc#1202165)
- Make zypperpkg retry if RPM lock is temporarily unavailable (bsc#1200596)
salt-3004-150400.8.14.1.src.rpm
salt-api-3004-150400.8.14.1.x86_64.rpm
salt-cloud-3004-150400.8.14.1.x86_64.rpm
salt-fish-completion-3004-150400.8.14.1.noarch.rpm
salt-master-3004-150400.8.14.1.x86_64.rpm
salt-proxy-3004-150400.8.14.1.x86_64.rpm
salt-ssh-3004-150400.8.14.1.x86_64.rpm
salt-standalone-formulas-configuration-3004-150400.8.14.1.x86_64.rpm
salt-syndic-3004-150400.8.14.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3996
Security update for 389-ds
low
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for 389-ds fixes the following issues:
- CVE-2021-45710: Fixed tokio data race with memory corruption (bsc#1194119).
- Update to version 2.0.16~git56.d15a0a7:
- Failure to migrate from openldap if pwdPolicyChecker present (bsc#1205146).
- Resolve issue with checklist post migration when dds is present (bsc#1204748).
- Improve reliability of migrations from openldap when dynamic directory services is configured (bsc#1204493).
389-ds-2.0.16~git56.d15a0a7-150400.3.15.1.src.rpm
389-ds-2.0.16~git56.d15a0a7-150400.3.15.1.x86_64.rpm
389-ds-devel-2.0.16~git56.d15a0a7-150400.3.15.1.x86_64.rpm
lib389-2.0.16~git56.d15a0a7-150400.3.15.1.x86_64.rpm
libsvrcore0-2.0.16~git56.d15a0a7-150400.3.15.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3531
Security update for squid
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for squid fixes the following issues:
Updated squid to version 5.7:
- CVE-2022-41317: Fixed exposure of sensitive information in cache manager (bsc#1203677).
- CVE-2022-41318: Fixed buffer overread in SSPI and SMB Authentication (bsc#1203680).
squid-5.7-150400.3.6.1.src.rpm
squid-5.7-150400.3.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3537
Security update for postgresql-jdbc
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for postgresql-jdbc fixes the following issues:
- CVE-2022-31197: Fixed SQL injection vulnerability (bsc#1202170).
postgresql-jdbc-42.2.25-150400.3.6.1.noarch.rpm
postgresql-jdbc-42.2.25-150400.3.6.1.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4488
Security update for apache2-mod_wsgi
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for apache2-mod_wsgi fixes the following issues:
- CVE-2022-2255: Hardened the trusted proxy header filter to avoid bypass. (bsc#1201634)
apache2-mod_wsgi-python3-4.5.18-150000.4.6.1.src.rpm
apache2-mod_wsgi-python3-4.5.18-150000.4.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3795
Security update for qemu
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for qemu fixes the following issues:
- CVE-2022-0216: Fixed a use after free issue found in hw/scsi/lsi53c895a.c. (bsc#1198038)
- CVE-2022-35414: Fixed an uninitialized read during address translation that leads to a crash. (bsc#1201367)
qemu-6.2.0-150400.37.8.2.src.rpm
qemu-6.2.0-150400.37.8.2.x86_64.rpm
qemu-accel-tcg-x86-6.2.0-150400.37.8.2.x86_64.rpm
qemu-audio-alsa-6.2.0-150400.37.8.2.x86_64.rpm
qemu-audio-pa-6.2.0-150400.37.8.2.x86_64.rpm
qemu-audio-spice-6.2.0-150400.37.8.2.x86_64.rpm
qemu-block-curl-6.2.0-150400.37.8.2.x86_64.rpm
qemu-block-iscsi-6.2.0-150400.37.8.2.x86_64.rpm
qemu-block-rbd-6.2.0-150400.37.8.2.x86_64.rpm
qemu-block-ssh-6.2.0-150400.37.8.2.x86_64.rpm
qemu-chardev-baum-6.2.0-150400.37.8.2.x86_64.rpm
qemu-chardev-spice-6.2.0-150400.37.8.2.x86_64.rpm
qemu-guest-agent-6.2.0-150400.37.8.2.x86_64.rpm
qemu-hw-display-qxl-6.2.0-150400.37.8.2.x86_64.rpm
qemu-hw-display-virtio-gpu-6.2.0-150400.37.8.2.x86_64.rpm
qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.8.2.x86_64.rpm
qemu-hw-display-virtio-vga-6.2.0-150400.37.8.2.x86_64.rpm
qemu-hw-usb-host-6.2.0-150400.37.8.2.x86_64.rpm
qemu-hw-usb-redirect-6.2.0-150400.37.8.2.x86_64.rpm
qemu-ipxe-1.0.0+-150400.37.8.2.noarch.rpm
qemu-ksm-6.2.0-150400.37.8.2.x86_64.rpm
qemu-kvm-6.2.0-150400.37.8.2.x86_64.rpm
qemu-lang-6.2.0-150400.37.8.2.x86_64.rpm
qemu-ui-curses-6.2.0-150400.37.8.2.x86_64.rpm
qemu-ui-gtk-6.2.0-150400.37.8.2.x86_64.rpm
qemu-ui-opengl-6.2.0-150400.37.8.2.x86_64.rpm
qemu-ui-spice-app-6.2.0-150400.37.8.2.x86_64.rpm
qemu-ui-spice-core-6.2.0-150400.37.8.2.x86_64.rpm
qemu-x86-6.2.0-150400.37.8.2.x86_64.rpm
qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.8.2.noarch.rpm
qemu-sgabios-8-150400.37.8.2.noarch.rpm
qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.8.2.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3991
Security update for dhcp
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for dhcp fixes the following issues:
- CVE-2022-2928: Fixed an option refcount overflow (bsc#1203988).
- CVE-2022-2929: Fixed a DHCP memory leak (bsc#1203989).
dhcp-4.3.6.P1-150000.6.17.1.src.rpm
dhcp-relay-4.3.6.P1-150000.6.17.1.x86_64.rpm
dhcp-server-4.3.6.P1-150000.6.17.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3727
Security update for xen
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for xen fixes the following issues:
Updated to version 4.16.2 (bsc#1027519):
- CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing (bsc#1203806).
- CVE-2022-33748: Fixed DoS due to race in locking (bsc#1203807).
Bugfixes:
- Fixed Xen DomU unable to emulate audio device (bsc#1201994).
- Fixed logic error in built-in default of max_event_channels (bsc#1167608, bsc#1201631).
xen-4.16.2_06-150400.4.11.1.src.rpm
xen-4.16.2_06-150400.4.11.1.x86_64.rpm
xen-devel-4.16.2_06-150400.4.11.1.x86_64.rpm
xen-tools-4.16.2_06-150400.4.11.1.x86_64.rpm
xen-tools-xendomains-wait-disk-4.16.2_06-150400.4.11.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3915
Security update for vsftpd
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for vsftpd fixes the following issues:
Bugfixes:
- Removed unsupported systemd hardening options (bsc#1196918).
vsftpd-3.0.5-150400.3.6.1.src.rpm
vsftpd-3.0.5-150400.3.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3855
Recommended update for mariadb
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for mariadb fixes the following issues:
Update version from 10.6.9 to 10.6.10:
- Fix regression causing full text index corruption if shutdown before changes are fully flushed
- Fix regression causing frequent "Data structure corruption" in InnoDB after OOM
- Fix incorrect recovery or backup of instant ALTER TABLE
- Fix issue with InnoDB Temporary Tablespace (ibtmp1) causing it to continuously grow in size until the disk is full
- For full list of changes please check https://mariadb.com/kb/en/library/mariadb-10610-release-notes and
https://mariadb.com/kb/en/library/mariadb-10610-changelog
libmariadbd-devel-10.6.10-150400.3.17.1.x86_64.rpm
libmariadbd19-10.6.10-150400.3.17.1.x86_64.rpm
mariadb-10.6.10-150400.3.17.1.src.rpm
mariadb-10.6.10-150400.3.17.1.x86_64.rpm
mariadb-client-10.6.10-150400.3.17.1.x86_64.rpm
mariadb-errormessages-10.6.10-150400.3.17.1.noarch.rpm
mariadb-tools-10.6.10-150400.3.17.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-3818
Recommended update for rabbitmq-server
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for rabbitmq-server fixes the following issues:
- Ensure maintenance mode state table exists after node [re]boot (bsc#1199431)
erlang-rabbitmq-client-3.8.11-150300.3.6.1.x86_64.rpm
rabbitmq-server-3.8.11-150300.3.6.1.src.rpm
rabbitmq-server-3.8.11-150300.3.6.1.x86_64.rpm
rabbitmq-server-plugins-3.8.11-150300.3.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4018
Recommended update for python-service_identity
low
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for python-service_identity fixes the following issues:
- Loosen the filelist for the package info to avoid build failure (bsc#1203743)
python-service_identity-18.1.0-150200.3.5.1.src.rpm
python3-service_identity-18.1.0-150200.3.5.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4168
Security update for redis
low
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for redis fixes the following issues:
- CVE-2022-3647: Fixed crash in sigsegvHandler debug function (bsc#1204633).
redis-6.2.6-150400.3.6.1.src.rpm
redis-6.2.6-150400.3.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4061
Recommended update for sapconf
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for sapconf fixes the following issues:
- Adapt check of an active saptune service during the initial package installation to work in a chroot environment and
fix the missing enablement of sapconf (bsc#1190736, bsc#1190787)
sapconf-5.0.5-150000.7.24.1.noarch.rpm
sapconf-5.0.5-150000.7.24.1.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4040
Recommended update for libvirt
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for libvirt fixes the following issues:
- apparmor: Fix QEMU access for UEFI variable files (bsc#1203976)
- qemu: Don't assume that /usr/libexec/qemu-kvm exists (bsc#1158430, bsc#1196087)
- qemu: Support memory allocation threads (bsc#1197084)
- spec: Include aarch64 in the list of architectures that 'Require' dmidecode (bsc#1202608)
- vmx: Require networkName for bridged and custom NICs (bsc#1202630)
libvirt-8.0.0-150400.7.3.1.src.rpm
libvirt-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-client-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-config-network-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-config-nwfilter-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-driver-interface-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-driver-libxl-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-driver-network-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-driver-nodedev-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-driver-nwfilter-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-driver-qemu-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-driver-secret-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-driver-storage-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-driver-storage-core-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-driver-storage-disk-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-driver-storage-logical-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-hooks-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-qemu-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-daemon-xen-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-devel-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-doc-8.0.0-150400.7.3.1.noarch.rpm
libvirt-lock-sanlock-8.0.0-150400.7.3.1.x86_64.rpm
libvirt-nss-8.0.0-150400.7.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4007
Security update for xen
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for xen fixes the following issues:
- CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing (bsc#1203806).
- CVE-2022-33748: Fixed DoS due to race in locking (bsc#1203807).
- CVE-2022-42311, CVE-2022-42312, CVE-2022-42313, CVE-2022-42314, CVE-2022-42315, CVE-2022-42316, CVE-2022-42317, CVE-2022-42318: xen: Xenstore: Guests can let xenstored run out of memory (bsc#1204482)
- CVE-2022-42309: xen: Xenstore: Guests can crash xenstored (bsc#1204485)
- CVE-2022-42310: xen: Xenstore: Guests can create orphaned Xenstore nodes (bsc#1204487)
- CVE-2022-42319: xen: Xenstore: Guests can cause Xenstore to not free temporary memory (bsc#1204488)
- CVE-2022-42320: xen: Xenstore: Guests can get access to Xenstore nodes of deleted domains (bsc#1204489)
- CVE-2022-42321: xen: Xenstore: Guests can crash xenstored via exhausting the stack (bsc#1204490)
- CVE-2022-42322, CVE-2022-42323: xen: Xenstore: cooperating guests can create arbitrary numbers of nodes (bsc#1204494)
- CVE-2022-42325, CVE-2022-42326: xen: Xenstore: Guests can create arbitrary number of nodes via transactions (bsc#1204496)
- xen: Frontends vulnerable to backends (bsc#1193923).
xen-4.16.2_08-150400.4.16.1.src.rpm
xen-4.16.2_08-150400.4.16.1.x86_64.rpm
xen-devel-4.16.2_08-150400.4.16.1.x86_64.rpm
xen-tools-4.16.2_08-150400.4.16.1.x86_64.rpm
xen-tools-xendomains-wait-disk-4.16.2_08-150400.4.16.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4601
Feature update for GNOME 41
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for GNOME 41 fixes the following issues:
atkmm1_6:
- Version update from 2.28.1 to 2.28.3 (jsc#PED-2235):
* Meson build: Avoid unnecessary configuration warnings
* Meson build: Perl is not required by new versions of mm-common
* Meson build: Require meson >= 0.55.0
* Meson build: Specify 'check' option in run_command(). Will be necessary with future versions of Meson.
* Require atk >= 2.12.0. Not a new requirement, but previously it was not specified in configure.ac and meson.build
* Support building with Visual Studio 2022
eog:
- Version update from 41.1 to 41.2 (jsc#PED-2235):
* eog-window: use correct type for display_profile
* Fix discovery of Evince for multi-page images
evince:
- Version update from 41.3 to 41.4 (jsc#PED-2235):
* shell: Fix failures when thumbnail extraction takes too long
* Fix build with meson 0.60.0 and newer
evolution:
- Ensure evolution-devel is forward compatible with evolution-data-server-devel in a same major version (jsc#PED-2235)
evolution-data-center:
- Version update from 3.42.4 to 3.42.5 (jsc#PED-2235):
* Google OAuth out-of-band (oob) flow will be deprecated
folks:
- Version update from 0.15.3 to 0.15.5 (jsc#PED-2235):
* vapi: Add missing generic type argument
* Fix docs build against newer eds version
* Fix build against newer eds version
* Remove volatile keyword from tests
gcr:
- Version update from 3.41.0 to 3.41.1 (jsc#PED-2235):
* Add G_SPAWN_CLOEXEC_PIPES flag to all the g_spawn commands
* Add gi-docgen dependency which is needed by the docs
* Fix build with meson 0.60.0 and newer
* Fix build without systemd
* Several CI fixes
geocode-glib:
- Version update from 3.26.2 to 3.26.4 (jsc#PED-2235):
* Fix to a test data file not being installed, and a bug fix for a bug in the libsoup3 port
* Add support for libsoup 3.x
gjs:
- Version update from 1.70.1 to 1.70.2 (jsc#PED-2235):
* Build and compatibility fixes backported from the development branch
* Reverse order of running-from-source checks
- Require xorg-x11-Xvfb for proper package build (bsc#1203274)
glib2:
- Version update from 2.70.4 to 2.70.5 (jsc#PED-2235):
* Bugs fixed: glgo#GNOME/GLib#2620, glgo#GNOME/GLib!2537, glgo#GNOME/GLib!2555
* Split gtk-docs from -devel package, these are not needed during building projects using glib2
gnome-control-center:
- Fix the size of logo icon in About system (bsc#1200581)
- Version update from 41.4 to 41.7 (jsc#PED-2235):
* Cellular: Remove duplicate line from .desktop
* Info: Allow changing "Device Name" by pressing "Enter"
* Info: Remove trailing space after CPU name
* Keyboard: Fix crash resetting all keyboard shortcuts
* Keyboard: Fix leaks
* Network: Fix saving passwords for non-wifi connections
* Network: Fix critical when opening VPN details page
* Wacom: Fix leaks
gnome-desktop:
- Version update from 41.2 to 41.8 (jsc#PED-2235):
* Version increase but no actual changes
gnome-music:
- Version update from 41.0 to 41.1 (jsc#PED-2235):
* Ensure the correct album is played
* Fix build with meson 0.61.0 and newer
* Fix crash on empty selection
* Fix incorrect playlist import
* Fix time displayed in RTL languages
* Improve async queue work
* Make random shuffle actually random
* Make shuffle random
* Speed increase on first startup on larger collections
* Time is reversed in RTL
gnome-remote-desktop:
- Version update from 41.2 to 41.3 (jsc#PED-2235):
* Add Icelandic translation
gnome-session:
- Clear error messages that can be ignored because expected to happen for GDM sessions (bsc#1204867)
- Add fix for gnome-session to exit immediately when lost name on bus (bsc#1175622, bsc#1188882)
gnome-shell:
- Disable offline update suggestion before shutdown/reboot in SLE and openSUSE Leap (bsc#944832)
- Version update from 41.4 to 41.9 (jsc#PED-2235):
* Allow extension updates with only Extension Manager installed
* Allow more intermediate icon sizes in app grid
* Disable workspace switching while in search.
* Do not create systemd scope for D-Bus activated apps
* Fix calendar to correctly align world clocks header in RTL
* Fix drag placeholder position in dash in RTL locales
* Fix edge case where windows stay dimmed after a modal is closed
* Fix feedback when turning on a11y features by keyboard
* Fix focus tracking in magnifier on wayland
* Fix fractional timezone offsets in world clock
* Fix glitches in overview transition
* Fix logging in with realmd
* Fix memory leak
* Fix opening device settings for enterprise WPA networks
* Fix programmatically set scrollview fade
* Fix regression in ibus support
* Fix unresponsive top bar in overview when in fullscreen
* Handle monitor changes during startup animation
* Hide overview after 'Show Details' from app context menu
* Improve Belgian on-screen keyboard layout
* Improve CSS shadow appearance
* Make sure startup animation completes
* Misc. bug fixes and cleanups
* Only close messages via delete key if they can be closed
* Respect IM hint for candidates list in on-screen keyboard
gnome-software:
- Disable offline update feature in SUSE Linux Enterprise and openSUSE Leap (bsc#944832)
- Version update from 41.4 to 41.5 (jsc#PED-2235):
* Added several appstream-related fixes
* Disable scroll-by-mouse-wheel on featured carousel
* Ensure details page shows app provided on command line
gnome-terminal:
- Version update from 3.42.2 to 3.42.3 (jsc#PED-2235):
* Fix build with meson 0.61.0 and newer
* window: Use a normal menu for the popup menu
gnome-user-docs:
- Version update from 41.1 to 41.5 (jsc#PED-2235):
* Added missing icon for network-wired-symbolic
gspell:
- Version update from 1.8.4 to 1.10.0 (jsc#PED-2235):
* Build: distribute more files in tarballs
* Documentation improvements
gtkmm3:
- Version update from 3.24.5 to 3.24.6 (jsc#PED-2235):
* Build with Meson: MSVC build: Support Visual Studio 2022
* Check if Perl is required for building documentation
* Don't use deprecated python3.path() and execute (..., gui_app...)
* GTK: TreeValueProxy: Declare copy constructor = default, avoiding warnings from the clang++ compiler
* Object::_release_c_instance(): Unref orphan managed widgets
* SizeGroup demo: Set active items in the combo boxes, so something is shown
* Specify 'check' option in run_command()
gtk-vnc:
- Version update from 1.3.0 to 1.3.1 (jsc#PED-2235):
* Add 'check' arg to meson run_command()
* Fix invalid use of subprojects with meson
* Support ZRLE encoding for zero size alpha cursors
gupnp-av:
- Version update from 0.12.11 to 0.14.1 (jsc#PED-2235):
* Add utility function to format GDateTime to the iso variant DIDL expects
* Allow to be used as a subproject
* Drop autotools
* Fix stripping @refID
* Fix unsetting subtitleFileType
* Make Feature derivable again
* Obsolete code removal.
* Port to modern GObject
* Remove hand-written ref-counting, use RcBox/AtomicRcBox instead.
* Switch to meson build system, following upstream
- Rename libgupnp-av-1_0-2 subpackage to libgupnp-av-1_0-3, correcting the package name to match the provided library
- Conflict with the wrongly provided libgupnp-av-1_0-2
gvfs:
- Version update from 1.48.1 to 1.48.2 (jsc#PED-2235):
* sftp: Adapt on new OpenSSH password prompts
* smb: Rework anonymous handling to avoid EINVAL
* smb: Ignore EINVAL for kerberos/ccache login
libgsf:
- Version update from 1.14.48 to 1.14.50 (jsc#PED-2235):
* Fix error handling problem when writing ole files
* Fix problems with non-western text in OLE properties
* Use g_date_time_new_from_iso8601 and g_date_time_format_iso8601 when available
libmediaart:
- Version update from 1.9.5 to 1.9.6 (jsc#PED-2235):
* build: Add introspection/vapi/tests options
* build: Use library() to optionally build a static library
libnma:
- Version update from 1.8.32 to 1.8.40 (jsc#PED-2235):
* Ad-Hoc networks now default to using WPA2 instead of WEP
* Add possibility of building libnma-gtk4 library with Gtk4 support
* Do not allow setting empty 802.1x domain for EAP TLS
* Fixed keyboard accelerator for certificate chooser
* Fixed libnma-gtk4 version of mobile-wizard
* Include OWE wireless security option
* The GtkBuilder files for Gtk4 are now included in the release tarball
* WEP is no longer provided as an option for connecting to hidden networks due to its deprecated status
- New sub-packages libnma-gtk4-0, typelib-1_0-NMA4-1_0 and libnma-gtk4-devel
- Split out documentation files in own docs sub-package
libnotify:
- Version update from 0.7.10 to 0.7.12 (jsc#PED-2235):
* Delete unused notifynotification.xml
* Fix potential build errors with old glib version we require
* docs/notify-send: Add --transient option to manpage
* notification: Bookend calling NotifyActionCallback with temporary reference
* notification: Include sender-pid hint by default if not provided
* notify-send: Add debug message about server not supporting persistence
* notify-send: Add explicit option to create transient notifications
* notify-send: Add support for boolean hints
* notify-send: Move server capabilities check to a separate function
* notify-send: Support passing any hint value, by parsing variant strings
libpeas:
- Version update from 1.30.0 to 1.32.0 (jsc#PED-2235):
* Icon licenses have been corrected
* Parallel build system operation fixes
* Use gi-docgen for documentation
* Various build warnings squashed
* Various GIR data that should not have been exported was removed
- Stop packaging the demo files/sub-package
librsvg:
- Version update from 2.52.6 to 2.52.9 (jsc#PED-2235):
* Catch circular references when rendering patterns
* Fix regressions when computing element geometries
* Fix regression outputting all text as paths
libsecret:
- Version update from 0.20.4 to 0.20.5 (jsc#PED-2235):
* Add bash-completion for secret-tool
* Add locking capabilities to secret tool
* Add support for TPM2 based secret storage
* Create default collection after DBus.Error.UnknownObject
* Detect local storage in snaps in the same way as flatpaks
* Drop autotools-based build
* GI annotation and documentation fixes
* Port documentation to gi-docgen
* Use G_GNUC_NULL_TERMINATED where appropriate
* collection, methods, prompt: Port to GTask
* secret-file-backend: Avoid closing the same file descriptor twice
mutter:
- Version update from 41.5 to 41.9 (jsc#PED-2235):
* Fix '--replace' option
* Fix missing root window properties after XWayland start
* Fix night light without GAMMA_LUT property
* KMS: Survive missing GAMMA_LUT property
* wayland: Fix rotation transform
* Misc. bug fixes
nautilus:
- Version update from 41.2 to 41.5 (jsc#PED-2235):
* Drag-and-drop bugfixes
* HighContrast style fixes
orca:
- Version update from 41.1 to 41.3 (jsc#PED-2235):
* Add more event-flood detection and handling for improved performance
* Fix bug causing accessing preferences to fail for Esperanto
* Web: Fix bug causing widgets descending from off-screen label elements to be skipped over
* Web: Fix presentation of the FluentUI react dialog (and any other dialog which has an ARIA document-role descendant)
* WebKitGtk: Fail gracefully when structural navigation commands are used in WebKitGtk 2.36.x
python-cairo:
- Add python3-cairo to SUSE Linux Enterprise Micro 5.3 as it is now required by python3-gobject-cairo
python-gobject:
- Add dependency on python-cairo to python-gobject-cairo: The introspection wrapper needs pycairo (bsc#1179584)
- Version update from 3.42.0 to 3.42.2 (jsc#PED-2235):
* Add a workaround for a PyPy 3.9+ bug when threads are used
* Do not error out for unknown scopes
* Prompt an error instead of crashing when marshaling unsupported fundamental types in some cases
* Fix a crash/refcounting error in case marshaling a hash table fails
* Fix crashes when marshaling zero terminated arrays for certain item types
* Implement DynamicImporter.find_spec() to silence deprecation warning
* Make the test suite pass again with PyPy
* Some test/CI fixes
* gtk overrides: Do not override Treeview.enable_model_drag_xx for GTK4
* gtk overrides: restore Gtk.ListStore.insert_with_valuesv with newer GTK4
* interface: Fix leak when overriding GInterfaceInfo
* setup.py: look up pycairo headers without importing the module
trackers-python:
- Allow system calls used by gstreamer (bsc#1196205)
- Version update from 3.2.2 to 3.2.1 (jsc#PED-2235):
* Backport seccomp rules for rseq and mbind syscalls
vala:
- Version update from 0.54.6 to 0.54.8 (jsc#PED-2235):
* Add missing TraverseVisitor.visit_data_type()
* Add support for "copy_/free_function" metadata for compact classes
* Catch and throw possible inner error of lock statements
* Clear SemanticAnalyzer.current_{symbol,source_file} when not needed anymore
* Don't count instance-parameter when checking for backwards closure reference
* Fix a few binding errors
* Free empty stack list for code contexts
* Handle duplicated and unnamed symbols.
* Improve UI parsing and handling of nested objects and properties
* Make sure to drop our "trap" jump target in case of an error
* Move dynamic property errors to semantic analyzer pass
* Require lvalue access of delegate target/destroy "fields"
* Show source location when reporting deprecations
* Transform assignment of an array element as needed
* manual: Update from wiki.gnome.org
* parser: Improve handling of nullable VarType in with-statement
* parser: Reduce the source reference of main block method to its beginning
xdg-desktop-portal-gnome:
- Version update from 0.54.6 to 0.54.8 (jsc#PED-2235):
* Properly bind property in Lockdown portal
gtk-vnc-1.3.1-150400.3.3.1.src.rpm
gtk-vnc-devel-1.3.1-150400.3.3.1.x86_64.rpm
libgvncpulse-1_0-0-1.3.1-150400.3.3.1.x86_64.rpm
typelib-1_0-GVnc-1_0-1.3.1-150400.3.3.1.x86_64.rpm
typelib-1_0-GVncPulse-1_0-1.3.1-150400.3.3.1.x86_64.rpm
typelib-1_0-GtkVnc-2_0-1.3.1-150400.3.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4000
Security update for python-Twisted
low
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for python-Twisted fixes the following issues:
- CVE-2022-39348: Fixed NameVirtualHost Host header injection (bsc#1204781).
python-Twisted-22.2.0-150400.5.7.1.src.rpm
python3-Twisted-22.2.0-150400.5.7.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4130
Security update for frr
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for frr fixes the following issues:
- CVE-2022-37035: Fixed a possible use-after-free due to a race condition related to bgp_notify_send_with_data() and bgp_process_packet() (bsc#1202085).
- CVE-2022-42917: Fixed a privilege escalation from frr to root in frr config creation (bsc#1204124).
frr-7.4-150300.4.10.1.src.rpm
frr-7.4-150300.4.10.1.x86_64.rpm
frr-devel-7.4-150300.4.10.1.x86_64.rpm
libfrr0-7.4-150300.4.10.1.x86_64.rpm
libfrr_pb0-7.4-150300.4.10.1.x86_64.rpm
libfrrcares0-7.4-150300.4.10.1.x86_64.rpm
libfrrfpm_pb0-7.4-150300.4.10.1.x86_64.rpm
libfrrgrpc_pb0-7.4-150300.4.10.1.x86_64.rpm
libfrrospfapiclient0-7.4-150300.4.10.1.x86_64.rpm
libfrrsnmp0-7.4-150300.4.10.1.x86_64.rpm
libfrrzmq0-7.4-150300.4.10.1.x86_64.rpm
libmlag_pb0-7.4-150300.4.10.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4153
Security update for krb5
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for krb5 fixes the following issues:
- CVE-2022-42898: Fixed integer overflow in PAC parsing (bsc#1205126).
krb5-1.19.2-150400.3.3.1.src.rpm
krb5-plugin-kdb-ldap-1.19.2-150400.3.3.1.x86_64.rpm
krb5-server-1.19.2-150400.3.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4141
Security update for grub2
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for grub2 fixes the following issues:
- CVE-2022-2601: Fixed buffer overflow in grub_font_construct_glyph (bsc#1205178).
- CVE-2022-3775: Fixed integer underflow in blit_comb() (bsc#1205182).
Other:
- Bump upstream SBAT generation to 3
grub2-2.06-150400.11.17.1.src.rpm
grub2-x86_64-xen-2.06-150400.11.17.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4645
Security update for postgresql14, postgresql15
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for postgresql14, postgresql15 fixes the following issues:
postgresql15 is shipped in version 15.1.
* https://www.postgresql.org/about/news/2543/
* https://www.postgresql.org/docs/15/release-15-1.html
Update to 15.0:
* https://www.postgresql.org/about/news/p-2526/
* https://www.postgresql.org/docs/15/release-15.html
postgresql14 was updated to 14.6. (bsc#1205300)
* https://www.postgresql.org/about/news/2543/
* https://www.postgresql.org/docs/14/release-14-6.html
The libpq5 and libecpg6 libraries are now provided by postgresql15.
libecpg6-15.1-150200.5.3.2.x86_64.rpm
postgresql-15-150400.4.6.2.src.rpm
postgresql-contrib-15-150400.4.6.2.noarch.rpm
postgresql-devel-15-150400.4.6.2.noarch.rpm
postgresql-docs-15-150400.4.6.2.noarch.rpm
postgresql-plperl-15-150400.4.6.2.noarch.rpm
postgresql-plpython-15-150400.4.6.2.noarch.rpm
postgresql-pltcl-15-150400.4.6.2.noarch.rpm
postgresql-server-15-150400.4.6.2.noarch.rpm
postgresql-server-devel-15-150400.4.6.2.noarch.rpm
postgresql14-14.6-150200.5.20.2.src.rpm
postgresql14-contrib-14.6-150200.5.20.2.x86_64.rpm
postgresql14-devel-14.6-150200.5.20.2.x86_64.rpm
postgresql14-docs-14.6-150200.5.20.2.noarch.rpm
postgresql14-plperl-14.6-150200.5.20.2.x86_64.rpm
postgresql14-plpython-14.6-150200.5.20.2.x86_64.rpm
postgresql14-pltcl-14.6-150200.5.20.2.x86_64.rpm
postgresql14-server-14.6-150200.5.20.2.x86_64.rpm
postgresql14-server-devel-14.6-150200.5.20.2.x86_64.rpm
postgresql15-15.1-150200.5.3.2.src.rpm
postgresql15-contrib-15.1-150200.5.3.2.x86_64.rpm
postgresql15-devel-15.1-150200.5.3.2.x86_64.rpm
postgresql15-docs-15.1-150200.5.3.2.noarch.rpm
postgresql15-plperl-15.1-150200.5.3.2.x86_64.rpm
postgresql15-plpython-15.1-150200.5.3.2.x86_64.rpm
postgresql15-pltcl-15.1-150200.5.3.2.x86_64.rpm
postgresql15-server-15.1-150200.5.3.2.x86_64.rpm
postgresql15-server-devel-15.1-150200.5.3.2.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4420
Recommended update for salt
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for salt fixes the following issues:
- Pass the context to pillar ext modules
- Align Amazon EC2 (Nitro) grains with upstream (bsc#1203685)
- Detect module run syntax version
- Implement automated patches alignment for the Salt Bundle
- Ignore extend declarations from excluded SLS files (bsc#1203886)
- Clarify pkg.installed pkg_verify documentation
- Enhance capture of error messages for Zypper calls in zypperpkg module
- Make pass renderer configurable and fix detected issues
- Workaround fopen line buffering for binary mode (bsc#1203834)
salt-3004-150400.8.17.7.src.rpm
salt-api-3004-150400.8.17.7.x86_64.rpm
salt-cloud-3004-150400.8.17.7.x86_64.rpm
salt-fish-completion-3004-150400.8.17.7.noarch.rpm
salt-master-3004-150400.8.17.7.x86_64.rpm
salt-proxy-3004-150400.8.17.7.x86_64.rpm
salt-ssh-3004-150400.8.17.7.x86_64.rpm
salt-standalone-formulas-configuration-3004-150400.8.17.7.x86_64.rpm
salt-syndic-3004-150400.8.17.7.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4383
Recommended update for iputils
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for iputils fixes the following issues:
- Fix occasional memory access violation when using `ping` (bsc#1203957)
iputils-20211215-150400.3.3.2.src.rpm
rarpd-20211215-150400.3.3.2.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4385
Recommended update for clone-master-clean-up
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for clone-master-clean-up fixes the following issues:
Version update from 1.8 to 1.10:
- Fix failure if postfix is not installed by adding a check for the directory's existence (bsc#1204835)
- Clean up initiatorname.iscsi (bsc#1203024)
clone-master-clean-up-1.10-150100.3.17.1.noarch.rpm
clone-master-clean-up-1.10-150100.3.17.1.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4215
Security update for erlang
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for erlang fixes the following issues:
- CVE-2022-37026: fixed a client authorization bypass vulnerability for SSL,
TLS, and DTLS in Erlang/OTP. [bsc#1205318]
erlang-22.3-150300.3.3.1.src.rpm
erlang-22.3-150300.3.3.1.x86_64.rpm
erlang-epmd-22.3-150300.3.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4384
Recommended update for migrate-sles-to-sles4sap
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for migrate-sles-to-sles4sap fixes the following issues:
- Add missing required package dependencies to wget, coreutils, openssl and SUSE Connect (bsc#1205281)
migrate-sles-to-sles4sap-15.1.2-150100.3.12.1.noarch.rpm
migrate-sles-to-sles4sap-15.1.2-150100.3.12.1.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4396
Recommended update for frr
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update of frr fixes the following issues:
- rebuild against the new net-snmp (jsc#SLE-11203).
frr-7.4-150300.4.12.1.src.rpm
frr-7.4-150300.4.12.1.x86_64.rpm
frr-devel-7.4-150300.4.12.1.x86_64.rpm
libfrr0-7.4-150300.4.12.1.x86_64.rpm
libfrr_pb0-7.4-150300.4.12.1.x86_64.rpm
libfrrcares0-7.4-150300.4.12.1.x86_64.rpm
libfrrfpm_pb0-7.4-150300.4.12.1.x86_64.rpm
libfrrgrpc_pb0-7.4-150300.4.12.1.x86_64.rpm
libfrrospfapiclient0-7.4-150300.4.12.1.x86_64.rpm
libfrrsnmp0-7.4-150300.4.12.1.x86_64.rpm
libfrrzmq0-7.4-150300.4.12.1.x86_64.rpm
libmlag_pb0-7.4-150300.4.12.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4457
Security update for libtpms
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for libtpms fixes the following issues:
- CVE-2021-3623: Fixed out-of-bounds access when trying to resume the
state of the vTPM (bsc#1187767)
libtpms-0.8.2-150300.3.6.1.src.rpm
libtpms-devel-0.8.2-150300.3.6.1.x86_64.rpm
libtpms0-0.8.2-150300.3.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4365
Recommended update for powerman
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update of powerman fixes the following issues:
- rebuild against the new net-snmp (jsc#SLE-11203).
libpowerman0-2.3.26-150400.3.2.1.x86_64.rpm
powerman-2.3.26-150400.3.2.1.src.rpm
powerman-2.3.26-150400.3.2.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4378
Security update for rabbitmq-server
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for rabbitmq-server fixes the following issues:
- CVE-2022-31008: Fixed predictable secret seed in URI encryption (bsc#1205267).
erlang-rabbitmq-client-3.8.11-150300.3.11.1.x86_64.rpm
rabbitmq-server-3.8.11-150300.3.11.1.src.rpm
rabbitmq-server-3.8.11-150300.3.11.1.x86_64.rpm
rabbitmq-server-plugins-3.8.11-150300.3.11.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4338
Recommended update for 389-ds
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update of 389-ds fixes the following issues:
- rebuild against the new net-snmp (jsc#SLE-11203).
389-ds-2.0.16~git56.d15a0a7-150400.3.17.1.src.rpm
389-ds-2.0.16~git56.d15a0a7-150400.3.17.1.x86_64.rpm
389-ds-devel-2.0.16~git56.d15a0a7-150400.3.17.1.x86_64.rpm
lib389-2.0.16~git56.d15a0a7-150400.3.17.1.x86_64.rpm
libsvrcore0-2.0.16~git56.d15a0a7-150400.3.17.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4626
Security update for freeradius-server
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for freeradius-server fixes the following issues:
- CVE-2022-41859: Fixes an information leakage in EAP-PWD (bsc#1206204).
- CVE-2022-41860: Fixes a crash on unknown option in EAP-SIM (bsc#1206205).
- CVE-2022-41861: Fixes a crash on invalid abinary data (bsc#1206206).
- rebuild against the new net-snmp (jsc#SLE-11203).
freeradius-server-3.0.25-150400.4.4.1.src.rpm
freeradius-server-3.0.25-150400.4.4.1.x86_64.rpm
freeradius-server-devel-3.0.25-150400.4.4.1.x86_64.rpm
freeradius-server-krb5-3.0.25-150400.4.4.1.x86_64.rpm
freeradius-server-ldap-3.0.25-150400.4.4.1.x86_64.rpm
freeradius-server-libs-3.0.25-150400.4.4.1.x86_64.rpm
freeradius-server-mysql-3.0.25-150400.4.4.1.x86_64.rpm
freeradius-server-perl-3.0.25-150400.4.4.1.x86_64.rpm
freeradius-server-postgresql-3.0.25-150400.4.4.1.x86_64.rpm
freeradius-server-python3-3.0.25-150400.4.4.1.x86_64.rpm
freeradius-server-sqlite-3.0.25-150400.4.4.1.x86_64.rpm
freeradius-server-utils-3.0.25-150400.4.4.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-1913
Recommended update for libslirp, slirp4netns
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for libslirp and slirp4netns fixes the following issues:
libslirp was updated to version 4.7.0+44 (current git master):
* Fix vmstate regression
* Align outgoing packets
* Bump incoming packet alignment to 8 bytes
* vmstate: only enable when building under GNU C
* ncsitest: Fix build with msvc
* Separate out SLIRP_PACKED to SLIRP_PACKED_BEGIN/END
* ncsi: Add Mellanox Get Mac Address handler
* slirp: Add out-of-band ethernet address
* ncsi: Add OEM command handler
* ncsi: Add basic test for Get Version ID response
* ncsi: Use response header for payload length
* ncsi: Pass command header to response handlers
* ncsi: Add Get Version ID command
* ncsi: Pass Slirp structure to response handlers
* slirp: Add manufacturer's ID
Release v4.7.0
* slirp: invoke client callback before creating timers
* pingtest: port to timer_new_opaque
* introduce timer_new_opaque callback
* introduce slirp_timer_new wrapper
* icmp6: make ndp_send_ra static
* socket: Handle ECONNABORTED from recv
* bootp: fix g_str_has_prefix warning/critical
* slirp: Don't duplicate packet in tcp_reass
* Rename insque/remque -> slirp_[ins|rem]que
* mbuf: Use SLIRP_DEBUG to enable mbuf debugging instead of DEBUG
* Replace inet_ntoa() with safer inet_ntop()
* Add VMS_END marker
* bootp: add support for UEFI HTTP boot
* IPv6 DNS proxying support
* Add missing scope_id in caching
* socket: Move closesocket(so->s_aux) to sofree
* socket: Check so_type instead of so_tcpcb for Unix-to-inet translation
* socket: Add s_aux field to struct socket for storing auxiliary socket
* socket: Initialize so_type in socreate
* socket: Allocate Unix-to-TCP hostfwd port from OS by binding to port 0
* Allow to disable internal DHCP server
* slirp_pollfds_fill: Explain why dividing so_snd.sb_datalen by two
* CI: run integration tests with slirp4netns
* socket: Check address family for Unix-to-inet accept translation
* socket: Add debug args for tcpx_listen (inet and Unix sockets)
* socket: Restore original definition of fhost
* socket: Move <sys/un.h> include to socket.h
* Support Unix sockets in hostfwd
* resolv: fix IPv6 resolution on Darwin
* Use the exact sockaddr size in getnameinfo call
* Initialize sin6_scope_id to zero
* slirp_socketpair_with_oob: Connect pair through 127.0.0.1
* resolv: fix memory leak when using libresolv
* pingtest: Add a trivial ping test
* icmp: Support falling back on trying a SOCK_RAW socket
Update to version 4.6.1+7:
* Haiku: proper path to resolv.conf for DNS server
* Fix for Haiku
* dhcp: Always send DHCP_OPT_LEN bytes in options
Update to version 4.6.1:
* Fix "DHCP broken in libslirp v4.6.0"
Update to version 4.6.0:
* udp: check udp_input buffer size
* tftp: introduce a header structure
* tftp: check tftp_input buffer size
* udp6: check udp6_input buffer size
* bootp: check bootp_input buffer size
* bootp: limit vendor-specific area to input packet memory buffer
Update to version 4.4.0:
* socket: consume empty packets
* slirp: check pkt_len before reading protocol header
* Add DNS resolving for iOS
* sosendoob: better document what urgc is used for
* TCPIPHDR_DELTA: Fix potential negative value
* udp, udp6, icmp, icmp6: Enable forwarding errors on Linux
* icmp, icmp6: Add icmp_forward_error and icmp6_forward_error
* udp, udp6, icmp: handle TTL value
* ip_stripoptions use memmove
slirp4netns was updated to 1.2.0:
* Add slirp4netns --target-type=bess /path/to/bess.sock for supporting UML (#281)
* Explicitly support DHCP (#270)
* Update parson to v1.1.3 (#273) kgabis/parson@70dc239...2d7b3dd
Update to version 1.1.11:
* Add --macaddress option to specify the MAC address of the tap interface.
* Updated the man page.
Update to version 1.1.8:
Update to 1.0.0:
* --enable-sandbox is now out of experimental
libslirp-4.7.0+44-150300.15.2.src.rpm
libslirp-devel-4.7.0+44-150300.15.2.x86_64.rpm
libslirp0-4.7.0+44-150300.15.2.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2022-4455
Recommended update for 389-ds
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for 389-ds fixes the following issues:
- support pam_saslauthd for authentication pass through
requirements. (jsc#PED-2701 bsc#1205974)
Update to version 2.0.17~git7.959d36e:
* RFE - split pass through auth cli
* BUG - Pam PTA multiple issues
* Increase default task TTL
Update to version 2.0.17~git4.9447f5f:
* Fix typo in `lib389.cli_conf.backend._get_backend` (#5542)
* Make logger's parameter name unified (#5540)
* Bump VERSION.sh to 2.0.17
* Fix a rebase typo (#5537)
* Bump version to 2.0.17
* Add copyright text to the repository files
* Make db compaction TOD day more robust.
* UI - Fix npm vulnerability in loader-utils
* UI - fix audit issue with npm loader-utils (#5514)
* Fix dsctl tls ca-certificate add-cert arg requirement
* RFE - CLI allow adding CA certificate bundles
* memberof is slow on update/fixup if there are several 'groupattr' (#5455)
389-ds-2.0.17~git7.959d36e-150400.3.20.1.src.rpm
389-ds-2.0.17~git7.959d36e-150400.3.20.1.x86_64.rpm
389-ds-devel-2.0.17~git7.959d36e-150400.3.20.1.x86_64.rpm
lib389-2.0.17~git7.959d36e-150400.3.20.1.x86_64.rpm
libsvrcore0-2.0.17~git7.959d36e-150400.3.20.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-19
Security update for rmt-server
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for rmt-server fixes the following issues:
Update to version 2.10:
- Add option to turn off system token support (bsc#1205089)
- Update the `last_seen_at` column on zypper service refresh
- Do not retry to import non-existing files in air-gapped mode (bsc#1204769)
- CVE-2022-31254: Fixed a local privilege escalation related to the packaging of rmt-server (bsc#1204285).
rmt-server-2.10-150400.3.9.1.src.rpm
rmt-server-2.10-150400.3.9.1.x86_64.rpm
rmt-server-config-2.10-150400.3.9.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-142
Feature update for bind
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for bind fixes the following issues:
Version update from 9.16.33 to 9.16.35 (jsc#SLE-24801, jsc#SLE-24600)
- New Features:
* Support for parsing and validating the dohpath service
parameter in SVCB records was added.
* named now logs the supported cryptographic algorithms during
startup and in the output of named -V
- Bug Fixes:
* A crash was fixed that happened when a dnssec-policy zone that
used NSEC3 was reconfigured to enable inline-signing.
* In certain resolution scenarios, quotas could be erroneously
reached for servers, including any configured forwarders,
resulting in SERVFAIL answers being sent to clients.
* rpz-ip rules in response-policy zones could be ineffective in
some cases if a query had the CD (Checking Disabled) bit set to
1.
* Previously, if Internet connectivity issues were experienced
during the initial startup of named, a BIND resolver with
dnssec-validation set to auto could enter into a state where it
would not recover without stopping named, manually deleting the
managed-keys.bind and managed-keys.bind.jnl files, and starting
named again.
* The statistics counter representing the current number of
clients awaiting recursive resolution results (RecursClients)
could overflow in certain resolution scenarios.
* Previously, BIND failed to start on Solaris-based systems with
hundreds of CPUs.
* When a DNS resource record's TTL value was equal to the
resolver-configured prefetch eligibility value, the record
was erroneously not treated as eligible for prefetching.
* Changing just the TSIG key names for primaries in catalog
zones' member zones was not effective. This has been fixed.
- Known Issues:
* Upgrading from BIND 9.16.32 or any older version may require a
manual configuration change. The following configurations are
affected:
+ type primary zones configured with dnssec-policy but without
either allow-update or update-policy
+ type secondary zones configured with dnssec-policy
In these cases please add inline-signing yes; to the individual
zone configuration(s). Without applying this change, named will
fail to start. For more details, see
https://kb.isc.org/docs/dnssec-policy-requires-dynamic-dns-or-inline-signing
bind-9.16.35-150400.5.14.1.src.rpm
bind-9.16.35-150400.5.14.1.x86_64.rpm
bind-doc-9.16.35-150400.5.14.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-177
Recommended update for util-linux
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for util-linux fixes the following issues:
- Fix tests not passing when '@' character is in build path:
Fixes rpmbuild %checks fail when @ in the directory path (bsc#1194038).
- libuuid continuous clock handling for time based UUIDs:
Prevent use of the new libuuid ABI by uuidd %post before update
of libuuid1 (bsc#1205646).
util-linux-systemd-2.37.2-150400.8.14.1.src.rpm
uuidd-2.37.2-150400.8.14.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-103
Security update for postgresql-jdbc
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for postgresql-jdbc fixes the following issues:
- CVE-2022-41946: Fixed a local information disclosure issue due to
improper handling of temporary files (bsc#1206921).
postgresql-jdbc-42.2.25-150400.3.9.2.noarch.rpm
postgresql-jdbc-42.2.25-150400.3.9.2.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-346
Recommended update for salt
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for salt fixes the following issues:
- Control the collection of lvm grains via config (bsc#1204939)
salt-3004-150400.8.20.1.src.rpm
salt-api-3004-150400.8.20.1.x86_64.rpm
salt-cloud-3004-150400.8.20.1.x86_64.rpm
salt-fish-completion-3004-150400.8.20.1.noarch.rpm
salt-master-3004-150400.8.20.1.x86_64.rpm
salt-proxy-3004-150400.8.20.1.x86_64.rpm
salt-ssh-3004-150400.8.20.1.x86_64.rpm
salt-standalone-formulas-configuration-3004-150400.8.20.1.x86_64.rpm
salt-syndic-3004-150400.8.20.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-295
Security update for redis
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for redis fixes the following issues:
- CVE-2022-35977: Fixed an integer overflow that could allow
authenticated users to cause a crash (bsc#1207202).
- CVE-2023-22458: Fixed a missing check that could allow authenticated
users to cause a crash (bsc#1207203).
redis-6.2.6-150400.3.11.1.src.rpm
redis-6.2.6-150400.3.11.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-169
Security update for xen
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for xen fixes the following issues:
- CVE-2022-23824: Fixed multiple speculative execution issues (bnc#1205209).
Non-security fixes:
- Updated to version 4.16.3 (bsc#1027519).
xen-4.16.3_02-150400.4.19.1.src.rpm
xen-4.16.3_02-150400.4.19.1.x86_64.rpm
xen-devel-4.16.3_02-150400.4.19.1.x86_64.rpm
xen-tools-4.16.3_02-150400.4.19.1.x86_64.rpm
xen-tools-xendomains-wait-disk-4.16.3_02-150400.4.19.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-322
Security update for apache2
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for apache2 fixes the following issues:
- CVE-2022-37436: Fixed an issue in mod_proxy where a malicious
backend could cause the response headers to be truncated early,
resulting in some headers being incorporated into the response body
(bsc#1207251).
- CVE-2022-36760: Fixed an issue in mod_proxy_ajp that could allow
request smuggling attacks (bsc#1207250).
- CVE-2006-20001: Fixed an issue in mod_proxy_ajp where a request
header could cause memory corruption (bsc#1207247).
apache2-2.4.51-150400.6.6.1.src.rpm
apache2-devel-2.4.51-150400.6.6.1.x86_64.rpm
apache2-doc-2.4.51-150400.6.6.1.noarch.rpm
apache2-worker-2.4.51-150400.6.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-212
Security update for nginx
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for nginx fixes the following issues:
- CVE-2022-41741: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204526)
- CVE-2022-41742: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. (bsc#1204527)
nginx-1.21.5-150400.3.3.1.src.rpm
nginx-1.21.5-150400.3.3.1.x86_64.rpm
nginx-source-1.21.5-150400.3.3.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-314
Security update for apache2-mod_security2
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for apache2-mod_security2 fixes the following issues:
- CVE-2022-48279: Fixed a potential firewall bypass due to an
incorrect parsing of HTTP multipart requests (bsc#1207378).
apache2-mod_security2-2.9.4-150400.3.3.1.src.rpm
apache2-mod_security2-2.9.4-150400.3.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-341
Security update for bind
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for bind fixes the following issues:
- Updated to version 9.16.37 (jsc#SLE-24600):
- CVE-2022-3094: Fixed an issue where a message flood could exhaust
all available memory (bsc#1207471).
- CVE-2022-3736: Fixed a potential crash upon receiving an RRSIG in
configurations with stale cache and stale answers enabled and
stale-answer-client-timeout set to a positive value (bsc#1207473).
- CVE-2022-3924: Fixed a potential crash upon reaching the
recursive-clients soft quota in configurations with stale answers
enabled and stale-answer-client-timeout set to a positive value
(bsc#1207475).
bind-9.16.37-150400.5.17.1.src.rpm
bind-9.16.37-150400.5.17.1.x86_64.rpm
bind-doc-9.16.37-150400.5.17.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-389
Security update for apr-util
critical
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for apr-util fixes the following issues:
- CVE-2022-25147: Fixed a buffer overflow possible with specially crafted input during base64 encoding (bsc#1207866)
apr-util-1.6.1-150300.18.5.1.src.rpm
libapr-util1-dbd-mysql-1.6.1-150300.18.5.1.x86_64.rpm
libapr-util1-dbd-pgsql-1.6.1-150300.18.5.1.x86_64.rpm
libapr-util1-dbd-sqlite3-1.6.1-150300.18.5.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-785
Recommended update for grub2
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for grub2 fixes the following issues:
- Remove zfs modules (bsc#1205554)
- Make grub.cfg invariant to efi and legacy platforms (bsc#1205200)
grub2-2.06-150400.11.23.2.src.rpm
grub2-x86_64-xen-2.06-150400.11.23.2.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-473
Recommended update for libica, openssl-ibmca, openCryptoki
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for libica fixes the following issues:
libica was upgraded to version 4.2.0 (jsc#PED-581, bsc#1202365).
Note that the major library version was changed from libica.so.3 to libica.so.4.
Features:
- Display build info via icainfo -v
- New API function ica_get_build_version()
- Display fips indication via icainfo -f
- New API function ica_get_fips_indicator()
- New API function ica_aes_gcm_initialize_fips()
- New API function ica_aes_gcm_kma_get_iv()
- New API function ica_get_msa_level()
Upgrade to version 4.1.1 (jsc#PED-581, bsc#1202365).
v4.1.1:
- Fix aes-xts multi-part operations
v4.1.0
- FIPS: make libica FIPS 140-3 compliant
- New API function ica_ecdsa_sign_ex()
- New icainfo output option -r
Upgraded to version 4.0.3 (jsc#PED-581, jsc#PED-621, jsc#PED-629)
v4.0.3
- Reduce the number of open file descriptors
- Various bug fixes
v4.0.2
- Various bug fixes
v4.0.1
- Various bug fixes
- Compute HMAC from installed library
v4.0.0
- NO_SW_FALLBACKS is now the default for libica.so
- Removed deprecated API functions including tests
- Introduced 'const' for some API function parameters
- icastats: new parm -k to display detailed counters
This update also provides rebuilds of openssl-ibmca and openCryptoki against the new libica.
openssl-ibmca was updated:
- Upgraded to version 2.3.1 (jsc#PED-597)
- Adjustments for libica 4.1.0
- First version including the provider
- Fix for engine build without OpenSSL 3.0 sources
- Fix PKEY segfault with OpenSSL 3.0
- Build against libica 4.0
openCryptoki-3.17.0-150400.4.8.1.src.rpm
openCryptoki-3.17.0-150400.4.8.1.x86_64.rpm
openCryptoki-devel-3.17.0-150400.4.8.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-605
Recommended update for quagga
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update of quagga fixes the following issues:
- rebuild against the new net-snmp (jsc#SLE-11203).
libfpm_pb0-1.1.1-150400.12.2.1.x86_64.rpm
libospf0-1.1.1-150400.12.2.1.x86_64.rpm
libospfapiclient0-1.1.1-150400.12.2.1.x86_64.rpm
libquagga_pb0-1.1.1-150400.12.2.1.x86_64.rpm
libzebra1-1.1.1-150400.12.2.1.x86_64.rpm
quagga-1.1.1-150400.12.2.1.src.rpm
quagga-1.1.1-150400.12.2.1.x86_64.rpm
quagga-devel-1.1.1-150400.12.2.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-1727
Recommended update for 389-ds
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for 389-ds fixes the following issues:
- Prevent memory access violation in `cl5configtrim` (bsc#1205996)
- Improve pam_saslauthd migration handling from openldap (bsc#1206563)
- Add functionality to do bulk updates to entries
- Improve `saslauthd` migration options
- Update plugins for new split PAM and LDAP pass thru auth
- Add specialized group edit modal to the UI
- 'dsidm' now asks for the old password on password reset
- Prevent virtual attribute indexing
- Allow multiple MemberOf fixup tasks with different bases/filters
389-ds-2.0.17~git20.ff6dbd9-150400.3.23.1.src.rpm
389-ds-2.0.17~git20.ff6dbd9-150400.3.23.1.x86_64.rpm
389-ds-devel-2.0.17~git20.ff6dbd9-150400.3.23.1.x86_64.rpm
lib389-2.0.17~git20.ff6dbd9-150400.3.23.1.x86_64.rpm
libsvrcore0-2.0.17~git20.ff6dbd9-150400.3.23.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-569
Security update for postgresql15
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for postgresql15 fixes the following issues:
Update to 15.2:
- CVE-2022-41862: Fixed memory leak in libpq (bsc#1208102).
libecpg6-15.2-150200.5.6.1.x86_64.rpm
postgresql15-15.2-150200.5.6.1.src.rpm
postgresql15-contrib-15.2-150200.5.6.1.x86_64.rpm
postgresql15-devel-15.2-150200.5.6.1.x86_64.rpm
postgresql15-docs-15.2-150200.5.6.1.noarch.rpm
postgresql15-plperl-15.2-150200.5.6.1.x86_64.rpm
postgresql15-plpython-15.2-150200.5.6.1.x86_64.rpm
postgresql15-pltcl-15.2-150200.5.6.1.x86_64.rpm
postgresql15-server-15.2-150200.5.6.1.x86_64.rpm
postgresql15-server-devel-15.2-150200.5.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-431
Security update for apache2-mod_security2
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for apache2-mod_security2 fixes the following issues:
- CVE-2023-24021: Fixed FILES_TMP_CONTENT missing complete content (bsc#1207379).
apache2-mod_security2-2.9.4-150400.3.6.1.src.rpm
apache2-mod_security2-2.9.4-150400.3.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-692
Security update for xen
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for xen fixes the following issues:
- CVE-2022-27672: Fixed speculative execution vulnerability due to RAS being dynamically partitioned between non-idle threads (bsc#1208286).
Bugfixes:
- Fixed launch-xenstore error (bsc#1205792)
- Fixed issues in VMX (bsc#1027519).
xen-4.16.3_04-150400.4.22.1.src.rpm
xen-4.16.3_04-150400.4.22.1.x86_64.rpm
xen-devel-4.16.3_04-150400.4.22.1.x86_64.rpm
xen-tools-4.16.3_04-150400.4.22.1.x86_64.rpm
xen-tools-xendomains-wait-disk-4.16.3_04-150400.4.22.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-1593
Recommended update for certification-sles-eal4
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for certification-sles-eal4 fixes the following issues:
- Update to version 15.2+git20230219.8d115ca:
* fixed setenv syntax for CSH configuration script (bsc#1199905)
certification-sles-eal4-15.2+git20230219.8d115ca-150200.5.18.1.src.rpm
certification-sles-eal4-15.2+git20230219.8d115ca-150200.5.18.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-517
Recommended update for openhpi
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update of openhpi fixes the following issues:
- rebuild against the new net-snmp (jsc#SLE-11203).
libopenhpi4-3.8.0-150400.10.2.1.x86_64.rpm
openhpi-3.8.0-150400.10.2.1.src.rpm
openhpi-3.8.0-150400.10.2.1.x86_64.rpm
openhpi-clients-3.8.0-150400.10.2.1.x86_64.rpm
openhpi-daemon-3.8.0-150400.10.2.1.x86_64.rpm
openhpi-devel-3.8.0-150400.10.2.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-1658
Security update for apache2
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for apache2 fixes the following issues:
- CVE-2023-27522: Fixed HTTP response splitting in mod_proxy_uwsgi (bsc#1209049).
- CVE-2023-25690: Fixed HTTP request splitting with mod_rewrite and mod_proxy (bsc#1209047).
The following non-security bugs were fixed:
- Fixed mod_proxy handling of very long urls (bsc#1207327)
- Fixed passing health check does not recover worker from its error state (bsc#1208708).
apache2-2.4.51-150400.6.11.1.src.rpm
apache2-devel-2.4.51-150400.6.11.1.x86_64.rpm
apache2-doc-2.4.51-150400.6.11.1.noarch.rpm
apache2-worker-2.4.51-150400.6.11.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-614
Recommended update for nut
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update of nut fixes the following issues:
- rebuild against the new net-snmp (jsc#SLE-11203).
nut-2.7.4-150400.15.2.1.src.rpm
nut-2.7.4-150400.15.2.1.x86_64.rpm
nut-devel-2.7.4-150400.15.2.1.x86_64.rpm
nut-drivers-net-2.7.4-150400.15.2.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-807
Recommended update for salt
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for salt fixes the following issues:
- Fix problem with detecting PTF packages (bsc#1208691)
- Fix pkg.version_cmp on openEuler systems and a few other OS flavors
- Make the pkg.remove function of the zypperpkg module also handle PTF packages
salt-3004-150400.8.25.1.src.rpm
salt-api-3004-150400.8.25.1.x86_64.rpm
salt-cloud-3004-150400.8.25.1.x86_64.rpm
salt-fish-completion-3004-150400.8.25.1.noarch.rpm
salt-master-3004-150400.8.25.1.x86_64.rpm
salt-proxy-3004-150400.8.25.1.x86_64.rpm
salt-ssh-3004-150400.8.25.1.x86_64.rpm
salt-standalone-formulas-configuration-3004-150400.8.25.1.x86_64.rpm
salt-syndic-3004-150400.8.25.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-671
Security update for qemu
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for qemu fixes the following issues:
- CVE-2022-4144: Fixed qxl_phys2virt unsafe address translation that can lead to out-of-bounds read (bsc#1205808).
- CVE-2022-3165: Fixed integer underflow in vnc_client_cut_text_ext() (bsc#1203788).
- CVE-2022-1050: Fixed use-after-free issue in pvrdma_exec_cmd() (bsc#1197653).
Bugfixes:
- Fixed deviation of guest clock (bsc#1206527).
- Fixed broken "block limits" VPD emulation (bsc#1202364).
qemu-6.2.0-150400.37.11.1.src.rpm
qemu-6.2.0-150400.37.11.1.x86_64.rpm
qemu-accel-tcg-x86-6.2.0-150400.37.11.1.x86_64.rpm
qemu-audio-alsa-6.2.0-150400.37.11.1.x86_64.rpm
qemu-audio-pa-6.2.0-150400.37.11.1.x86_64.rpm
qemu-audio-spice-6.2.0-150400.37.11.1.x86_64.rpm
qemu-block-curl-6.2.0-150400.37.11.1.x86_64.rpm
qemu-block-iscsi-6.2.0-150400.37.11.1.x86_64.rpm
qemu-block-rbd-6.2.0-150400.37.11.1.x86_64.rpm
qemu-block-ssh-6.2.0-150400.37.11.1.x86_64.rpm
qemu-chardev-baum-6.2.0-150400.37.11.1.x86_64.rpm
qemu-chardev-spice-6.2.0-150400.37.11.1.x86_64.rpm
qemu-guest-agent-6.2.0-150400.37.11.1.x86_64.rpm
qemu-hw-display-qxl-6.2.0-150400.37.11.1.x86_64.rpm
qemu-hw-display-virtio-gpu-6.2.0-150400.37.11.1.x86_64.rpm
qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.11.1.x86_64.rpm
qemu-hw-display-virtio-vga-6.2.0-150400.37.11.1.x86_64.rpm
qemu-hw-usb-host-6.2.0-150400.37.11.1.x86_64.rpm
qemu-hw-usb-redirect-6.2.0-150400.37.11.1.x86_64.rpm
qemu-ipxe-1.0.0+-150400.37.11.1.noarch.rpm
qemu-ksm-6.2.0-150400.37.11.1.x86_64.rpm
qemu-kvm-6.2.0-150400.37.11.1.x86_64.rpm
qemu-lang-6.2.0-150400.37.11.1.x86_64.rpm
qemu-ui-curses-6.2.0-150400.37.11.1.x86_64.rpm
qemu-ui-gtk-6.2.0-150400.37.11.1.x86_64.rpm
qemu-ui-opengl-6.2.0-150400.37.11.1.x86_64.rpm
qemu-ui-spice-app-6.2.0-150400.37.11.1.x86_64.rpm
qemu-ui-spice-core-6.2.0-150400.37.11.1.x86_64.rpm
qemu-x86-6.2.0-150400.37.11.1.x86_64.rpm
qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.11.1.noarch.rpm
qemu-sgabios-8-150400.37.11.1.noarch.rpm
qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.11.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-1751
Recommended update for clone-master-clean-up
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for clone-master-clean-up fixes the following issue:
- clone-master-clean-up fails when /etc/iscsi/initiatorname.iscsi doesn't exist (bsc#1207993)
clone-master-clean-up-1.11-150100.3.20.1.noarch.rpm
clone-master-clean-up-1.11-150100.3.20.1.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-1697
Recommended update for bind
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for bind fixes the following issues:
- A constant stream of zone additions and deletions via rndc reconfig could cause increased memory consumption due to
delayed cleaning of view memory.
- The speed of the message digest algorithms (MD5, SHA-1, SHA-2) and of NSEC3 hashing has been improved.
- Building BIND 9 failed when the --enable-dnsrps switch for ./configure was used. (jsc#SLE-24600)
- Updated keyring and signature
bind-9.16.38-150400.5.20.2.src.rpm
bind-9.16.38-150400.5.20.2.x86_64.rpm
bind-doc-9.16.38-150400.5.20.2.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-705
Security update for postgresql14
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for postgresql14 fixes the following issues:
Update to 14.7:
- CVE-2022-41862: Fixed memory leak in libpq (bsc#1208102).
postgresql14-14.7-150200.5.23.1.src.rpm
postgresql14-contrib-14.7-150200.5.23.1.x86_64.rpm
postgresql14-devel-14.7-150200.5.23.1.x86_64.rpm
postgresql14-docs-14.7-150200.5.23.1.noarch.rpm
postgresql14-plperl-14.7-150200.5.23.1.x86_64.rpm
postgresql14-plpython-14.7-150200.5.23.1.x86_64.rpm
postgresql14-pltcl-14.7-150200.5.23.1.x86_64.rpm
postgresql14-server-14.7-150200.5.23.1.x86_64.rpm
postgresql14-server-devel-14.7-150200.5.23.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-633
Recommended update for oracleasm
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for oracleasm fixes the following issue:
- Installation and stability issues such as kernel panics caused by compatibility issues. (bsc#1202844)
oracleasm-2.0.8-150400.25.5.1.src.rpm
oracleasm-kmp-default-2.0.8_k5.14.21_150400.24.46-150400.25.5.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-694
Security update for redis
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for redis fixes the following issues:
- CVE-2022-36021: Fixed integer overflow in RANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands (bsc#1208790).
- CVE-2023-25155: Fixed integer overflow in RAND commands that can lead to assertion (bsc#1208793).
The following non-security bug was fixed:
- Fixed redis-sentinel not starting due to the hardening in the systemd service (bsc#1208235).
redis-6.2.6-150400.3.16.1.src.rpm
redis-6.2.6-150400.3.16.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-1739
Security update for pgadmin4
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for pgadmin4 fixes the following issues:
- CVE-2023-22298: Fixed an open redirect vulnerability (bsc#1207238).
pgadmin4-4.30-150300.3.6.1.src.rpm
pgadmin4-4.30-150300.3.6.1.x86_64.rpm
pgadmin4-doc-4.30-150300.3.6.1.noarch.rpm
pgadmin4-web-4.30-150300.3.6.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-1298
Recommended update for ndctl
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for ndctl fixes the following issues:
- Fix parsing of environment variable NDCTL_TIMEOUT (bsc#1208548)
ndctl-71.1-150400.10.3.1.src.rpm
ndctl-71.1-150400.10.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-879
Security update for qemu
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for qemu fixes the following issues:
- CVE-2021-3507: Fixed heap buffer overflow in DMA read data transfers in fdc (bsc#1185000).
- CVE-2020-14394: Fixed infinite loop in xhci_ring_chain_length() (bsc#1180207).
qemu-6.2.0-150400.37.14.2.src.rpm
qemu-6.2.0-150400.37.14.2.x86_64.rpm
qemu-accel-tcg-x86-6.2.0-150400.37.14.2.x86_64.rpm
qemu-audio-alsa-6.2.0-150400.37.14.2.x86_64.rpm
qemu-audio-pa-6.2.0-150400.37.14.2.x86_64.rpm
qemu-audio-spice-6.2.0-150400.37.14.2.x86_64.rpm
qemu-block-curl-6.2.0-150400.37.14.2.x86_64.rpm
qemu-block-iscsi-6.2.0-150400.37.14.2.x86_64.rpm
qemu-block-rbd-6.2.0-150400.37.14.2.x86_64.rpm
qemu-block-ssh-6.2.0-150400.37.14.2.x86_64.rpm
qemu-chardev-baum-6.2.0-150400.37.14.2.x86_64.rpm
qemu-chardev-spice-6.2.0-150400.37.14.2.x86_64.rpm
qemu-guest-agent-6.2.0-150400.37.14.2.x86_64.rpm
qemu-hw-display-qxl-6.2.0-150400.37.14.2.x86_64.rpm
qemu-hw-display-virtio-gpu-6.2.0-150400.37.14.2.x86_64.rpm
qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.14.2.x86_64.rpm
qemu-hw-display-virtio-vga-6.2.0-150400.37.14.2.x86_64.rpm
qemu-hw-usb-host-6.2.0-150400.37.14.2.x86_64.rpm
qemu-hw-usb-redirect-6.2.0-150400.37.14.2.x86_64.rpm
qemu-ipxe-1.0.0+-150400.37.14.2.noarch.rpm
qemu-ksm-6.2.0-150400.37.14.2.x86_64.rpm
qemu-kvm-6.2.0-150400.37.14.2.x86_64.rpm
qemu-lang-6.2.0-150400.37.14.2.x86_64.rpm
qemu-ui-curses-6.2.0-150400.37.14.2.x86_64.rpm
qemu-ui-gtk-6.2.0-150400.37.14.2.x86_64.rpm
qemu-ui-opengl-6.2.0-150400.37.14.2.x86_64.rpm
qemu-ui-spice-app-6.2.0-150400.37.14.2.x86_64.rpm
qemu-ui-spice-core-6.2.0-150400.37.14.2.x86_64.rpm
qemu-x86-6.2.0-150400.37.14.2.x86_64.rpm
qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.14.2.noarch.rpm
qemu-sgabios-8-150400.37.14.2.noarch.rpm
qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.14.2.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-848
Security update for xen
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for xen fixes the following issues:
- CVE-2022-42332: Fixed use-after-free in x86 shadow plus log-dirty mode (bsc#1209017).
- CVE-2022-42333,CVE-2022-42334: Fixed x86/HVM pinned cache attributes mis-handling (bsc#1209018).
- CVE-2022-42331: Fixed speculative vulnerability in 32bit SYSCALL path on x86 (bsc#1209019).
xen-4.16.3_06-150400.4.25.1.src.rpm
xen-4.16.3_06-150400.4.25.1.x86_64.rpm
xen-devel-4.16.3_06-150400.4.25.1.x86_64.rpm
xen-tools-4.16.3_06-150400.4.25.1.x86_64.rpm
xen-tools-xendomains-wait-disk-4.16.3_06-150400.4.25.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-1759
Security update for dpdk
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update of dpdk fixes the following issues:
- rebuild the package with the new secure boot key (bsc#1209188).
dpdk-19.11.10-150400.4.9.1.src.rpm
dpdk-19.11.10-150400.4.9.1.x86_64.rpm
dpdk-devel-19.11.10-150400.4.9.1.x86_64.rpm
dpdk-kmp-default-19.11.10_k5.14.21_150400.24.46-150400.4.9.1.x86_64.rpm
dpdk-tools-19.11.10-150400.4.9.1.x86_64.rpm
libdpdk-20_0-19.11.10-150400.4.9.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-1760
Security update for oracleasm
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update of oracleasm fixes the following issues:
- rebuild the package with the new secure boot key (bsc#1209188).
oracleasm-2.0.8-150400.25.7.1.src.rpm
oracleasm-kmp-default-2.0.8_k5.14.21_150400.24.46-150400.25.7.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-1717
Security update for grub2
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update of grub2 fixes the following issues:
- rebuild the package with the new secure boot key (bsc#1209188).
grub2-2.06-150400.11.25.1.src.rpm
grub2-x86_64-xen-2.06-150400.11.25.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2783
Security update for grpc, protobuf, python-Deprecated, python-PyGithub, python-aiocontextvars, python-avro, python-bcrypt, python-cryptography, python-cryptography-vectors, python-google-api-core, python-googleapis-common-protos, python-grpcio-gcp, python-humanfriendly, python-jsondiff, python-knack, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-psutil, python-pytest-asyncio, python-requests, python-websocket-client, python-websockets
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for grpc, protobuf, python-Deprecated, python-PyGithub, python-aiocontextvars, python-avro, python-bcrypt, python-cryptography, python-cryptography-vectors, python-google-api-core, python-googleapis-common-protos, python-grpcio-gcp, python-humanfriendly, python-jsondiff, python-knack, python-opencensus, python-opencensus-context, python-opencensus-ext-threading, python-opentelemetry-api, python-psutil, python-pytest-asyncio, python-requests, python-websocket-client, python-websockets fixes the following issues:
grpc:
- Update in SLE-15 (bsc#1197726, bsc#1144068)
protobuf:
- Fix a potential DoS issue in protobuf-cpp and protobuf-python, CVE-2022-1941, bsc#1203681
- Fix a potential DoS issue when parsing with binary data in protobuf-java, CVE-2022-3171, bsc#1204256
- Fix potential Denial of Service in protobuf-java in the parsing procedure for binary data, CVE-2021-22569, bsc#1194530
- Add missing dependency of python subpackages on python-six (bsc#1177127)
- Updated to version 3.9.2 (bsc#1162343)
* Remove OSReadLittle* due to alignment requirements.
* Don't use unions and instead use memcpy for the type swaps.
- Disable LTO (bsc#1133277)
python-aiocontextvars:
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-avro:
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-cryptography:
- update to 3.3.2 (bsc#1182066, CVE-2020-36242, bsc#1198331)
* SECURITY ISSUE: Fixed a bug where certain sequences of update()
calls when symmetrically encrypting very large payloads (>2GB) could
result in an integer overflow, leading to buffer overflows.
CVE-2020-36242
python-cryptography-vectors:
- update to 3.2 (bsc#1178168, CVE-2020-25659):
* CVE-2020-25659: Attempted to make RSA PKCS#1v1.5 decryption more constant time,
to protect against Bleichenbacher vulnerabilities. Due to limitations imposed
by our API, we cannot completely mitigate this vulnerability.
* Support for OpenSSL 1.0.2 has been removed.
* Added basic support for PKCS7 signing (including SMIME) via PKCS7SignatureBuilder.
- update to 3.3.2 (bsc#1198331)
python-Deprecated:
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- update to 1.2.13:
python-google-api-core:
- Update to 1.14.2
python-googleapis-common-protos:
- Update to 1.6.0
python-grpcio-gcp:
- Initial spec for v0.2.2
python-humanfriendly:
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Update to 10.0
python-jsondiff:
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Update to version 1.3.0
python-knack:
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Update to version 0.9.0
python-opencensus:
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Disable Python2 build
- Update to 0.8.0
python-opencensus-context:
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-opencensus-ext-threading:
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Initial build version 0.1.2
python-opentelemetry-api:
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Version update to 1.5.0
python-psutil:
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- update to 5.9.1
- remove the dependency on net-tools, since it conflicts with busybox-hostname, which is the default on MicroOS. (bsc#1184753)
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-PyGithub:
- Update to 1.43.5:
python-pytest-asyncio:
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Initial release of python-pytest-asyncio 0.8.0
python-requests:
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
python-websocket-client:
- Update in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- Update to version 1.3.2
python-websockets:
- Include in SLE-15 (bsc#1199282, jsc#PM-3243, jsc#SLE-24629)
- update to 9.1:
python-constantly-15.1.0-150000.3.4.1.src.rpm
python-hyperlink-17.2.1-150000.3.4.1.src.rpm
python-zope.interface-4.4.2-150000.3.4.1.src.rpm
python3-constantly-15.1.0-150000.3.4.1.noarch.rpm
python3-hyperlink-17.2.1-150000.3.4.1.noarch.rpm
python3-zope.interface-4.4.2-150000.3.4.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-1955
Recommended update for mariadb
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for mariadb fixes the following issues:
- Update to 10.6.12:
libmariadbd-devel-10.6.12-150400.3.20.5.x86_64.rpm
libmariadbd19-10.6.12-150400.3.20.5.x86_64.rpm
mariadb-10.6.12-150400.3.20.5.src.rpm
mariadb-10.6.12-150400.3.20.5.x86_64.rpm
mariadb-client-10.6.12-150400.3.20.5.x86_64.rpm
mariadb-errormessages-10.6.12-150400.3.20.5.noarch.rpm
mariadb-tools-10.6.12-150400.3.20.5.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-1963
Recommended update for grub2
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for grub2 fixes the following issues:
- Fix aarch64 kiwi image's file not found due to '/@' prepended to path in btrfs filesystem. (bsc#1209165)
- Make grub more robust against storage race condition causing system boot failures (bsc#1189036)
- Fix unknown filesystem error on disks with 4096 sector size (bsc#1207064, bsc#1209234)
- Fix installation over serial console ends up in infinite boot loop (bsc#1187810, bsc#1209667, bsc#1209372)
grub2-2.06-150400.11.30.1.src.rpm
grub2-x86_64-xen-2.06-150400.11.30.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-1849
Security update for apache2-mod_auth_openidc
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for apache2-mod_auth_openidc fixes the following issues:
- CVE-2023-28625: Fixed NULL pointer dereference when OIDCStripCookies was set and a crafted Cookie header was supplied (bsc#1210073).
apache2-mod_auth_openidc-2.3.8-150100.3.25.1.src.rpm
apache2-mod_auth_openidc-2.3.8-150100.3.25.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-1877
Security update for pgadmin4
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for pgadmin4 fixes the following issues:
- CVE-2023-0241: Fixed a directory traversal vulnerability (bsc#1207464).
pgadmin4-4.30-150300.3.9.1.src.rpm
pgadmin4-4.30-150300.3.9.1.x86_64.rpm
pgadmin4-doc-4.30-150300.3.9.1.noarch.rpm
pgadmin4-web-4.30-150300.3.9.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2063
Recommended update for davfs2
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for davfs2 fixes the following issues:
- Do not download the update_cache_file on each lookup. It is enough to get the latest file size when a file is not
open or not dirty to detect if it has been changed on the server, so next FUSE read will have the correct size.
(bsc#1198576, bsc#1188967).
davfs2-1.5.4-150000.3.11.1.src.rpm
davfs2-1.5.4-150000.3.11.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2089
Recommended update for sapconf
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for sapconf fixes the following issues:
- version update from 5.0.5 to 5.0.6
- add parameter IGNORE_RELOAD to /etc/sysconfig/sapconf to prevent
sapconf from changing any system tunables during package update
(bsc#1209408)
- fix for a race condition which leads to a missing start/restart
of sapconf, which ends up with restored kernel parameters to
defaults
(bsc#1207899)
correctly. Only the DM multipath devices (mpath) will be used for
sapconf-5.0.6-150000.7.27.1.noarch.rpm
sapconf-5.0.6-150000.7.27.1.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2051
Security update for libtpms
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for libtpms fixes the following issues:
- CVE-2023-1017: Fixed out-of-bounds write in CryptParameterDecryption (bsc#1206022).
- CVE-2023-1018: Fixed out-of-bounds read in CryptParameterDecryption (bsc#1206023).
libtpms-0.8.2-150300.3.9.1.src.rpm
libtpms-devel-0.8.2-150300.3.9.1.x86_64.rpm
libtpms0-0.8.2-150300.3.9.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2122
Security update for redis
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for redis fixes the following issues:
- CVE-2022-36021: Fixed possible integer overflow via specially crafted SRANDMEMBER, ZRANDMEMBER, and HRANDFIELD commands (bsc#1208790).
- CVE-2023-28856: Fixed possible DoS when using HINCRBYFLOAT to create a hash field (bsc#1210548).
- CVE-2023-25155: Fixed integer overflow in RAND commands that can lead to assertion (bsc#1208793).
redis-6.2.6-150400.3.19.1.src.rpm
redis-6.2.6-150400.3.19.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2317
Recommended update for util-linux
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for util-linux fixes the following issue:
- Add upstream patch to prevent possible performance degradation of libuuid (bsc#1210164)
util-linux-systemd-2.37.2-150400.8.17.1.src.rpm
uuidd-2.37.2-150400.8.17.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2234
Security update for ovmf
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for ovmf fixes the following issues:
- CVE-2021-38578: Fixed potential underflow in SmmEntryPoint when computing BufferSize (bsc#1196741).
- CVE-2019-14560: Fixed potential secure boot bypass caused by improper check of GetEfiGlobalVariable2() return value (bsc#1174246).
- revert a patch to fix xen boot problems (bsc#1205613)
ovmf-202202-150400.5.10.1.src.rpm
ovmf-202202-150400.5.10.1.x86_64.rpm
ovmf-tools-202202-150400.5.10.1.x86_64.rpm
qemu-ovmf-x86_64-202202-150400.5.10.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2355
Recommended update for librelp
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for librelp fixes the following issues:
- update to librelp 1.11.0 (bsc#1210649)
librelp-1.11.0-150000.3.3.1.src.rpm
librelp-devel-1.11.0-150000.3.3.1.x86_64.rpm
librelp0-1.11.0-150000.3.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2667
Security update for bind
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for bind fixes the following issues:
Update to release 9.16.42
Security Fixes:
* The overmem cleaning process has been improved, to prevent the
cache from significantly exceeding the configured
max-cache-size limit. (CVE-2023-2828)
* A query that prioritizes stale data over lookup triggers a
fetch to refresh the stale data in cache. If the fetch is
aborted for exceeding the recursion quota, it was possible for
named to enter an infinite callback loop and crash due to stack
overflow. This has been fixed. (CVE-2023-2911)
Bug Fixes:
* Previously, it was possible for a delegation from cache to be
returned to the client after the stale-answer-client-timeout
duration. This has been fixed. [bsc#1212544, bsc#1212567, jsc#SLE-24600]
Update to release 9.16.41
Bug Fixes:
* When removing delegations from an opt-out range,
empty-non-terminal NSEC3 records generated by those delegations
were not cleaned up. This has been fixed. [jsc#SLE-24600]
Update to release 9.16.40
Bug Fixes:
* Logfiles using timestamp-style suffixes were not always
correctly removed when the number of files exceeded the limit
set by versions. This has been fixed for configurations which
do not explicitly specify a directory path as part of the file
argument in the channel specification.
* Performance of DNSSEC validation in zones with many DNSKEY
records has been improved.
Update to release 9.16.39
Feature Changes:
* libuv support for receiving multiple UDP messages in a single
recvmmsg() system call has been tweaked several times between
libuv versions 1.35.0 and 1.40.0; the current recommended libuv
version is 1.40.0 or higher. New rules are now in effect for
running with a different version of libuv than the one used at
compilation time. These rules may trigger a fatal error at
startup:
- Building against or running with libuv versions 1.35.0 and
1.36.0 is now a fatal error.
- Running with libuv version higher than 1.34.2 is now a
fatal error when named is built against libuv version
1.34.2 or lower.
- Running with libuv version higher than 1.39.0 is now a
fatal error when named is built against libuv version
1.37.0, 1.38.0, 1.38.1, or 1.39.0.
* This prevents the use of libuv versions that may trigger an
assertion failure when receiving multiple UDP messages in a
single system call.
Bug Fixes:
* named could crash with an assertion failure when adding a new
zone into the configuration file for a name which was already
configured as a member zone for a catalog zone. This has been
fixed.
* When named starts up, it sends a query for the DNSSEC key for
each configured trust anchor to determine whether the key has
changed. In some unusual cases, the query might depend on a
zone for which the server is itself authoritative, and would
have failed if it were sent before the zone was fully loaded.
This has now been fixed by delaying the key queries until all
zones have finished loading. [jsc#SLE-24600]
bind-9.16.42-150400.5.27.1.src.rpm
bind-9.16.42-150400.5.27.1.x86_64.rpm
bind-doc-9.16.42-150400.5.27.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2571
Security update for Salt
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for salt fixes the following issues:
salt:
- Update to Salt release version 3006.0 (jsc#PED-4361)
* See release notes: https://docs.saltproject.io/en/latest/topics/releases/3006.0.html
- Add missing patch after rebase to fix collections Mapping issues
- Add python3-looseversion as new dependency for salt
- Add python3-packaging as new dependency for salt
- Allow entrypoint compatibility for "importlib-metadata>=5.0.0" (bsc#1207071)
- Avoid conflicts with Salt dependencies versions (bsc#1211612)
- Avoid failures due to the transactional_update module not being available in Salt 3006.0 (bsc#1211754)
- Create new salt-tests subpackage containing Salt tests
- Drop conflicting patch discarded from upstream
- Fix package build with old setuptools versions
- Fix SLS rendering error when Jinja macros are used
- Fix version detection and avoid building and testing failures
- Prevent deadlocks in salt-ssh executions
- Require python3-jmespath runtime dependency (bsc#1209233)
- Make master_tops compatible with Salt 3000 and older minions (bsc#1212516, bsc#1212517)
python-jmespath:
- Deliver python3-jmespath to SUSE Linux Enterprise Micro on s390x architecture as it is now required by Salt
(no source changes)
python-ply:
- Deliver python3-ply to SUSE Linux Enterprise Micro on s390x architecture as it is a requirement for python-jmespath
(no source changes)
salt-3006.0-150400.8.34.2.src.rpm
salt-api-3006.0-150400.8.34.2.x86_64.rpm
salt-cloud-3006.0-150400.8.34.2.x86_64.rpm
salt-fish-completion-3006.0-150400.8.34.2.noarch.rpm
salt-master-3006.0-150400.8.34.2.x86_64.rpm
salt-proxy-3006.0-150400.8.34.2.x86_64.rpm
salt-ssh-3006.0-150400.8.34.2.x86_64.rpm
salt-standalone-formulas-configuration-3006.0-150400.8.34.2.x86_64.rpm
salt-syndic-3006.0-150400.8.34.2.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2207
Security update for postgresql15
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for postgresql15 fixes the following issues:
Updated to version 15.3:
- CVE-2023-2454: Fixed an issue where a user having permission to
create a schema could hijack the privileges of a security definer
function or extension script (bsc#1211228).
- CVE-2023-2455: Fixed an issue that could allow a user to see or
modify rows that should have been invisible (bsc#1211229).
- Internal fixes (bsc#1210303).
libecpg6-15.3-150200.5.9.1.x86_64.rpm
postgresql15-15.3-150200.5.9.1.src.rpm
postgresql15-contrib-15.3-150200.5.9.1.x86_64.rpm
postgresql15-devel-15.3-150200.5.9.1.x86_64.rpm
postgresql15-docs-15.3-150200.5.9.1.noarch.rpm
postgresql15-plperl-15.3-150200.5.9.1.x86_64.rpm
postgresql15-plpython-15.3-150200.5.9.1.x86_64.rpm
postgresql15-pltcl-15.3-150200.5.9.1.x86_64.rpm
postgresql15-server-15.3-150200.5.9.1.x86_64.rpm
postgresql15-server-devel-15.3-150200.5.9.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2205
Security update for postgresql14
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for postgresql14 fixes the following issues:
Updated to version 14.8:
- CVE-2023-2454: Fixed an issue where a user having permission to
create a schema could hijack the privileges of a security definer
function or extension script (bsc#1211228).
- CVE-2023-2455: Fixed an issue that could allow a user to see or
modify rows that should have been invisible (bsc#1211229).
- Internal fixes (bsc#1210303).
postgresql14-14.8-150200.5.26.1.src.rpm
postgresql14-contrib-14.8-150200.5.26.1.x86_64.rpm
postgresql14-devel-14.8-150200.5.26.1.x86_64.rpm
postgresql14-docs-14.8-150200.5.26.1.noarch.rpm
postgresql14-plperl-14.8-150200.5.26.1.x86_64.rpm
postgresql14-plpython-14.8-150200.5.26.1.x86_64.rpm
postgresql14-pltcl-14.8-150200.5.26.1.x86_64.rpm
postgresql14-server-14.8-150200.5.26.1.x86_64.rpm
postgresql14-server-devel-14.8-150200.5.26.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2250
Security update for openvswitch
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for openvswitch fixes the following issues:
- CVE-2022-4338: Fixed Integer Underflow in Organization Specific TLV (bsc#1206580).
- CVE-2022-4337: Fixed Out-of-Bounds Read in Organization Specific TLV (bsc#1206581).
libopenvswitch-2_14-0-2.14.2-150400.24.6.1.x86_64.rpm
libovn-20_06-0-20.06.2-150400.24.6.1.x86_64.rpm
openvswitch-2.14.2-150400.24.6.1.src.rpm
openvswitch-2.14.2-150400.24.6.1.x86_64.rpm
openvswitch-devel-2.14.2-150400.24.6.1.x86_64.rpm
openvswitch-ipsec-2.14.2-150400.24.6.1.x86_64.rpm
openvswitch-pki-2.14.2-150400.24.6.1.x86_64.rpm
openvswitch-test-2.14.2-150400.24.6.1.x86_64.rpm
openvswitch-vtep-2.14.2-150400.24.6.1.x86_64.rpm
ovn-20.06.2-150400.24.6.1.x86_64.rpm
ovn-central-20.06.2-150400.24.6.1.x86_64.rpm
ovn-devel-20.06.2-150400.24.6.1.x86_64.rpm
ovn-docker-20.06.2-150400.24.6.1.x86_64.rpm
ovn-host-20.06.2-150400.24.6.1.x86_64.rpm
ovn-vtep-20.06.2-150400.24.6.1.x86_64.rpm
python3-ovs-2.14.2-150400.24.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2276
Recommended update for grub2
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for grub2 fixes the following issues:
- grub2-once: Fix 'sh: terminal_output: command not found' error (bsc#1204563)
- Fix PowerVS deployment fails to boot with 90 cores (bsc#1208581)
grub2-2.06-150400.11.33.1.src.rpm
grub2-x86_64-xen-2.06-150400.11.33.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2296
Security update for openvswitch
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for openvswitch fixes the following issues:
- CVE-2023-1668: Fixed remote traffic denial of service via crafted packets with IP proto 0 (bsc#1210054).
libopenvswitch-2_14-0-2.14.2-150400.24.9.1.x86_64.rpm
libovn-20_06-0-20.06.2-150400.24.9.1.x86_64.rpm
openvswitch-2.14.2-150400.24.9.1.src.rpm
openvswitch-2.14.2-150400.24.9.1.x86_64.rpm
openvswitch-devel-2.14.2-150400.24.9.1.x86_64.rpm
openvswitch-ipsec-2.14.2-150400.24.9.1.x86_64.rpm
openvswitch-pki-2.14.2-150400.24.9.1.x86_64.rpm
openvswitch-test-2.14.2-150400.24.9.1.x86_64.rpm
openvswitch-vtep-2.14.2-150400.24.9.1.x86_64.rpm
ovn-20.06.2-150400.24.9.1.x86_64.rpm
ovn-central-20.06.2-150400.24.9.1.x86_64.rpm
ovn-devel-20.06.2-150400.24.9.1.x86_64.rpm
ovn-docker-20.06.2-150400.24.9.1.x86_64.rpm
ovn-host-20.06.2-150400.24.9.1.x86_64.rpm
ovn-vtep-20.06.2-150400.24.9.1.x86_64.rpm
python3-ovs-2.14.2-150400.24.9.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2366
Recommended update for xen
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for xen fixes the following issues:
- Added debug-info to xen-syms (bsc#1209237)
- Update to Xen 4.16.4 bug fix release (bsc#1027519)
- Added upstream bug fixes (bsc#1027519)
- Fix host-assisted kexec/kdump for HVM domUs (bsc#1209245)
- Drop patches contained in new tarball and switch to upstream backports for some patches
xen-4.16.4_02-150400.4.28.1.src.rpm
xen-4.16.4_02-150400.4.28.1.x86_64.rpm
xen-devel-4.16.4_02-150400.4.28.1.x86_64.rpm
xen-tools-4.16.4_02-150400.4.28.1.x86_64.rpm
xen-tools-xendomains-wait-disk-4.16.4_02-150400.4.28.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2295
Security update for rmt-server
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for rmt-server fixes the following issues:
Updated to version 2.13:
- CVE-2023-28120: Fixed a potential XSS issue in an embedded
dependency (bsc#1209507).
- CVE-2023-27530: Fixed a denial of service issue in multipart request
parsing (bsc#1209096).
Non-security fixes:
- Fixed transactional update on GCE (bsc#1211398).
- Use HTTPS in rmt-client-setup-res (bsc#1209825).
- Various build fixes (bsc#1207670, bsc#1203171, bsc#1206593,
bsc#1202053).
rmt-server-2.13-150400.3.12.1.src.rpm
rmt-server-2.13-150400.3.12.1.x86_64.rpm
rmt-server-config-2.13-150400.3.12.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2479
Security update for mariadb
low
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for mariadb fixes the following issues:
Updated to version 10.6.13:
- CVE-2022-47015: Fixed a denial of service that could be triggered by
a crafted SQL query (bsc#1207404).
libmariadbd-devel-10.6.13-150400.3.23.1.x86_64.rpm
libmariadbd19-10.6.13-150400.3.23.1.x86_64.rpm
mariadb-10.6.13-150400.3.23.1.src.rpm
mariadb-10.6.13-150400.3.23.1.x86_64.rpm
mariadb-client-10.6.13-150400.3.23.1.x86_64.rpm
mariadb-errormessages-10.6.13-150400.3.23.1.noarch.rpm
mariadb-tools-10.6.13-150400.3.23.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2356
Security update for libvirt
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for libvirt fixes the following issues:
- CVE-2023-2700: Fixed a memory leak that could be triggered by
repeatedly querying an SR-IOV PCI device's capabilities
(bsc#1211390).
Non-security fixes:
- Fixed a potential crash during driver cleanup (bsc#1209861).
- Added Apparmor support for SUSE edk2 firmware paths (boo#1208567).
- Fixed lxc container initialization with systemd and hybrid groups
(boo#1183247).
- Added the option to specify the virtual CPU address size in bits for
qemu (bsc#1199583).
libvirt-8.0.0-150400.7.6.1.src.rpm
libvirt-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-client-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-config-network-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-config-nwfilter-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-driver-interface-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-driver-libxl-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-driver-network-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-driver-nodedev-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-driver-nwfilter-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-driver-qemu-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-driver-secret-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-driver-storage-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-driver-storage-core-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-driver-storage-disk-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-driver-storage-logical-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-hooks-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-qemu-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-daemon-xen-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-devel-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-doc-8.0.0-150400.7.6.1.noarch.rpm
libvirt-lock-sanlock-8.0.0-150400.7.6.1.x86_64.rpm
libvirt-nss-8.0.0-150400.7.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2547
Recommended update for qemu
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for qemu fixes the following issues:
- vCPU stalls in Qemu with NFS storage (bsc#1211000)
qemu-6.2.0-150400.37.17.1.src.rpm
qemu-6.2.0-150400.37.17.1.x86_64.rpm
qemu-accel-tcg-x86-6.2.0-150400.37.17.1.x86_64.rpm
qemu-audio-alsa-6.2.0-150400.37.17.1.x86_64.rpm
qemu-audio-pa-6.2.0-150400.37.17.1.x86_64.rpm
qemu-audio-spice-6.2.0-150400.37.17.1.x86_64.rpm
qemu-block-curl-6.2.0-150400.37.17.1.x86_64.rpm
qemu-block-iscsi-6.2.0-150400.37.17.1.x86_64.rpm
qemu-block-rbd-6.2.0-150400.37.17.1.x86_64.rpm
qemu-block-ssh-6.2.0-150400.37.17.1.x86_64.rpm
qemu-chardev-baum-6.2.0-150400.37.17.1.x86_64.rpm
qemu-chardev-spice-6.2.0-150400.37.17.1.x86_64.rpm
qemu-guest-agent-6.2.0-150400.37.17.1.x86_64.rpm
qemu-hw-display-qxl-6.2.0-150400.37.17.1.x86_64.rpm
qemu-hw-display-virtio-gpu-6.2.0-150400.37.17.1.x86_64.rpm
qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.17.1.x86_64.rpm
qemu-hw-display-virtio-vga-6.2.0-150400.37.17.1.x86_64.rpm
qemu-hw-usb-host-6.2.0-150400.37.17.1.x86_64.rpm
qemu-hw-usb-redirect-6.2.0-150400.37.17.1.x86_64.rpm
qemu-ipxe-1.0.0+-150400.37.17.1.noarch.rpm
qemu-ksm-6.2.0-150400.37.17.1.x86_64.rpm
qemu-kvm-6.2.0-150400.37.17.1.x86_64.rpm
qemu-lang-6.2.0-150400.37.17.1.x86_64.rpm
qemu-ui-curses-6.2.0-150400.37.17.1.x86_64.rpm
qemu-ui-gtk-6.2.0-150400.37.17.1.x86_64.rpm
qemu-ui-opengl-6.2.0-150400.37.17.1.x86_64.rpm
qemu-ui-spice-app-6.2.0-150400.37.17.1.x86_64.rpm
qemu-ui-spice-core-6.2.0-150400.37.17.1.x86_64.rpm
qemu-x86-6.2.0-150400.37.17.1.x86_64.rpm
qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.17.1.noarch.rpm
qemu-sgabios-8-150400.37.17.1.noarch.rpm
qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.17.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2851
Recommended update for rdma-core
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for rdma-core fixes the following issues:
- Update to rdma-core v38.3 (bsc#1204271, bsc#1212069)
ibacm-38.3-150400.6.3.1.x86_64.rpm
iwpmd-38.3-150400.6.3.1.x86_64.rpm
libibverbs-utils-38.3-150400.6.3.1.x86_64.rpm
librdmacm-utils-38.3-150400.6.3.1.x86_64.rpm
rdma-core-38.3-150400.6.3.1.src.rpm
rdma-ndd-38.3-150400.6.3.1.x86_64.rpm
srp_daemon-38.3-150400.6.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2792
Recommended update for mariadb
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for mariadb fixes the following issues:
- Update to 10.6.14
libmariadbd-devel-10.6.14-150400.3.26.1.x86_64.rpm
libmariadbd19-10.6.14-150400.3.26.1.x86_64.rpm
mariadb-10.6.14-150400.3.26.1.src.rpm
mariadb-10.6.14-150400.3.26.1.x86_64.rpm
mariadb-client-10.6.14-150400.3.26.1.x86_64.rpm
mariadb-errormessages-10.6.14-150400.3.26.1.noarch.rpm
mariadb-tools-10.6.14-150400.3.26.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2854
Recommended update for libvirt
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for libvirt fixes the following issues:
- Fix potential crash during driver cleanup (bsc#1209861)
libvirt-7.1.0-150300.6.38.1.src.rpm
libvirt-bash-completion-7.1.0-150300.6.38.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3089
Security update for xmltooling
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for xmltooling fixes the following issues:
- CVE-2023-36661: Fix server-side request forgery vulnerability (bsc#1212359)
libxmltooling-devel-3.1.0-150300.3.3.1.x86_64.rpm
libxmltooling-lite9-3.1.0-150300.3.3.1.x86_64.rpm
libxmltooling9-3.1.0-150300.3.3.1.x86_64.rpm
xmltooling-3.1.0-150300.3.3.1.src.rpm
xmltooling-schemas-3.1.0-150300.3.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3468
Recommended update for python3
low
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for python3 fixes the following issue:
- Rename sources in preparation of python3.11 (jsc#PED-68)
python3-Automat-20.2.0-150400.5.69.noarch.rpm
python3-Automat-20.2.0-150400.5.69.src.rpm
python3-Twisted-22.2.0-150400.12.32.src.rpm
python3-Twisted-22.2.0-150400.12.32.x86_64.rpm
python3-evtx-0.5.3b-150400.20.30.noarch.rpm
python3-evtx-0.5.3b-150400.20.30.src.rpm
python3-incremental-21.3.0-150400.5.69.noarch.rpm
python3-incremental-21.3.0-150400.5.69.src.rpm
python3-python-slugify-5.0.2-150400.5.69.noarch.rpm
python3-python-slugify-5.0.2-150400.5.69.src.rpm
python3-text-unidecode-1.3-150400.5.69.noarch.rpm
python3-text-unidecode-1.3-150400.5.69.src.rpm
python3-typing_extensions-3.10.0.0-150400.7.69.noarch.rpm
python3-typing_extensions-3.10.0.0-150400.7.69.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2774
Recommended update for vsftpd
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for vsftpd fixes the following issues:
- Fix the documentation of the strict_ssl_read_eof option. The
documentation says option would be disabled by default, but it is
in fact enabled. [bsc#1200075]
- Use valid separator for logrotate config file. [bsc#1192179]
vsftpd-3.0.5-150400.3.9.1.src.rpm
vsftpd-3.0.5-150400.3.9.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2823
Security update for rabbitmq-c
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for rabbitmq-c fixes the following issues:
- CVE-2023-35789: Fixed insecure credentials submission (bsc#1212499).
librabbitmq-devel-0.10.0-150300.5.6.1.x86_64.rpm
librabbitmq4-0.10.0-150300.5.6.1.x86_64.rpm
rabbitmq-c-0.10.0-150300.5.6.1.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3145
Security update for salt
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for salt fixes the following issues:
Security fixes:
- CVE-2023-28370: Fix an open redirect vulnerability in 'StaticFileHandler' under certain configurations (bsc#1211741)
Bug fixes:
- Prevent error loading 'known_hosts' when '$HOME' is not set (bsc#1210994)
- Fix ModuleNotFoundError and other issues raised by salt-support module (bsc#1211591)
salt-3006.0-150400.8.37.2.src.rpm
salt-api-3006.0-150400.8.37.2.x86_64.rpm
salt-cloud-3006.0-150400.8.37.2.x86_64.rpm
salt-fish-completion-3006.0-150400.8.37.2.noarch.rpm
salt-master-3006.0-150400.8.37.2.x86_64.rpm
salt-proxy-3006.0-150400.8.37.2.x86_64.rpm
salt-ssh-3006.0-150400.8.37.2.x86_64.rpm
salt-standalone-formulas-configuration-3006.0-150400.8.37.2.x86_64.rpm
salt-syndic-3006.0-150400.8.37.2.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2832
Recommended update for squid
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for squid fixes the following issues:
- Move pidfile back to /run/squid.pid (bsc#1210960)
squid-5.7-150400.3.9.1.src.rpm
squid-5.7-150400.3.9.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2779
Recommended update for system-role-common-criteria, yast2-storage-ng
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for system-role-common-criteria, yast2-storage-ng fixes the following issues:
system-role-common-criteria was updated to 15.4.2:
- Set the encryption password directly from the role dialog
(jsc#PED-4166, jsc#PED-4474)
yast2-storage-ng was updated to 4.4.44:
- Honor encryption settings if they are set into ProductFeatures
by the Common Criteria role (jsc#PED-4166, jsc#PED-4474).
- Prevent setting the volume label for a mounted btrfs or swap
(bsc#1211337)
system-role-common-criteria-15.4.2-150400.3.6.1.src.rpm
system-role-common-criteria-15.4.2-150400.3.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3027
Recommended update for libteam
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for libteam fixes the following issues:
- Add option to change evaluation logic of multiple link-watchers (jsc#PED-2209)
libteam-1.27-150000.4.9.1.src.rpm
libteam-tools-1.27-150000.4.9.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3381
Feature update for scc-hypervisor-collector, python-pyvmomi, virtual-host-gatherer
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for scc-hypervisor-collector, python-pyvmomi, virtual-host-gatherer fixes the following issues:
scc-hypervisor-collector:
- New package for the implementation of Hypervisor Topology Data to SCC (jsc#PED-3623)
python-pyvmomi:
- Submission to SUSE Linux Enterprise codestream as dependency for `scc-hypervisor-collector` (jsc#PED-3623)
virtual-host-gatherer:
- Submission to SUSE Linux Enterprise codestream as dependency for `scc-hypervisor-collector` (jsc#PED-3623)
python-pyvmomi-6.7.3-150200.3.5.5.src.rpm
python3-pyvmomi-6.7.3-150200.3.5.5.noarch.rpm
scc-hypervisor-collector-0.1.0~git0.90e575f-150300.7.3.2.noarch.rpm
scc-hypervisor-collector-0.1.0~git0.90e575f-150300.7.3.2.src.rpm
scc-hypervisor-collector-common-0.1.0~git0.90e575f-150300.7.3.2.noarch.rpm
virtual-host-gatherer-1.0.26-150300.7.3.3.noarch.rpm
virtual-host-gatherer-1.0.26-150300.7.3.3.src.rpm
virtual-host-gatherer-Kubernetes-1.0.26-150300.7.3.3.noarch.rpm
virtual-host-gatherer-Libvirt-1.0.26-150300.7.3.3.noarch.rpm
virtual-host-gatherer-Nutanix-1.0.26-150300.7.3.3.noarch.rpm
virtual-host-gatherer-VMware-1.0.26-150300.7.3.3.noarch.rpm
virtual-host-gatherer-libcloud-1.0.26-150300.7.3.3.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3484
Feature update for bind
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for bind fixes the following issues:
- Add dnstap support (jsc#PED-4852, jsc#PED-4853)
- Log named-checkconf output (bsc#1213049)
- Update to release 9.16.43
bind-9.16.43-150400.5.34.1.src.rpm
bind-9.16.43-150400.5.34.1.x86_64.rpm
bind-doc-9.16.43-150400.5.34.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3286
Recommended update for util-linux
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for util-linux fixes the following issues:
- Fix blkid for floppy drives (bsc#1194900)
- Fix rpmbuild %checks fail when @ in the directory path (bsc#1194038)
util-linux-systemd-2.37.2-150400.8.20.1.src.rpm
uuidd-2.37.2-150400.8.20.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3279
Recommended update for 389-ds
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for 389-ds fixes the following issues:
- Update for stability patches (bsc#1213191)
- OpenLDAP to 389-ds migration - exclude unsupported attributes (bsc#1210462)
- SSSD client performance improvements (bsc#1212726)
389-ds-2.0.17~git71.35ef59e-150400.3.28.1.src.rpm
389-ds-2.0.17~git71.35ef59e-150400.3.28.1.x86_64.rpm
389-ds-devel-2.0.17~git71.35ef59e-150400.3.28.1.x86_64.rpm
lib389-2.0.17~git71.35ef59e-150400.3.28.1.x86_64.rpm
libsvrcore0-2.0.17~git71.35ef59e-150400.3.28.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3372
Recommended update for rsyslog
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for rsyslog fixes the following issues:
- Fix removal of imfile state files (bsc#1213212)
- Fix segfaults in modExit() of imklog.c (bsc#1211757)
rsyslog-8.2306.0-150400.5.18.1.src.rpm
rsyslog-module-gssapi-8.2306.0-150400.5.18.1.x86_64.rpm
rsyslog-module-gtls-8.2306.0-150400.5.18.1.x86_64.rpm
rsyslog-module-mmnormalize-8.2306.0-150400.5.18.1.x86_64.rpm
rsyslog-module-mysql-8.2306.0-150400.5.18.1.x86_64.rpm
rsyslog-module-pgsql-8.2306.0-150400.5.18.1.x86_64.rpm
rsyslog-module-relp-8.2306.0-150400.5.18.1.x86_64.rpm
rsyslog-module-snmp-8.2306.0-150400.5.18.1.x86_64.rpm
rsyslog-module-udpspoof-8.2306.0-150400.5.18.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-2924
Security update for redis
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for redis fixes the following issues:
- CVE-2022-24834: Fixed heap overflow in the cjson and cmsgpack libraries (bsc#1213193).
redis-6.2.6-150400.3.22.1.src.rpm
redis-6.2.6-150400.3.22.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3230
Security update for cjose
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for cjose fixes the following issues:
- CVE-2023-37464: Fixed AES GCM decryption uses the Tag length from the actual Authentication Tag (bsc#1213385).
cjose-0.6.1-150100.4.6.1.src.rpm
libcjose-devel-0.6.1-150100.4.6.1.x86_64.rpm
libcjose0-0.6.1-150100.4.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3340
Recommended update for tcmu-runner
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for tcmu-runner fixes the following issues:
- Adjust handler path to RPM macros (bsc#1212636)
libtcmu2-1.5.4-150400.3.3.1.x86_64.rpm
tcmu-runner-1.5.4-150400.3.3.1.src.rpm
tcmu-runner-1.5.4-150400.3.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3231
Recommended update for grpc
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update ships grpc to the Basesystem module, as dependency for open-vm-tools container info plugin. (jsc#PED-4509)
grpc-1.25.0-150200.3.7.1.src.rpm
libgrpc++1-1.25.0-150200.3.7.1.x86_64.rpm
libgrpc8-1.25.0-150200.3.7.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3101
Recommended update for rmt-server
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for rmt-server fixes the following issues:
- Version 2.14
- Add command 'rmt-cli clean packages', which removes dangling packages no longer
referenced in the available metadata files and their database entries. (gh#662)
- Fix the SUSE Liberty registration script to allow registering with RMT servers that
self-sign certificates and enable both old and new signing keys for SLL8 (bsc#1209825)
- Fix a regression in the local import of packages with special characters (bsc#1213002)
rmt-server-2.14-150400.3.15.1.src.rpm
rmt-server-2.14-150400.3.15.1.x86_64.rpm
rmt-server-config-2.14-150400.3.15.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3275
Recommended update for apparmor
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for apparmor fixes the following issues:
- Add pam_apparmor README (bsc#1213472)
apache2-mod_apparmor-3.0.4-150400.5.6.1.x86_64.rpm
apparmor-3.0.4-150400.5.6.1.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3335
Recommended update for ipmitool
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for ipmitool fixes the following issues:
- ipmitool duplicates the timestamp (bsc#1213390)
ipmitool-1.8.18.238.gb7adc1d-150400.3.3.1.src.rpm
ipmitool-bmc-snmp-proxy-1.8.18.238.gb7adc1d-150400.3.3.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3234
Security update for qemu
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for qemu fixes the following issues:
- CVE-2023-2861: Fixed improper access control on special files in 9pfs (bsc#1212968).
- CVE-2023-3301: Fixed NULL pointer dereference in vhost_vdpa_get_vhost_net() (bsc#1213414).
- CVE-2023-3255: Fixed infinite loop in inflate_buffer() that leads to denial of service (bsc#1213001).
qemu-6.2.0-150400.37.20.1.src.rpm
qemu-6.2.0-150400.37.20.1.x86_64.rpm
qemu-accel-tcg-x86-6.2.0-150400.37.20.1.x86_64.rpm
qemu-audio-alsa-6.2.0-150400.37.20.1.x86_64.rpm
qemu-audio-pa-6.2.0-150400.37.20.1.x86_64.rpm
qemu-audio-spice-6.2.0-150400.37.20.1.x86_64.rpm
qemu-block-curl-6.2.0-150400.37.20.1.x86_64.rpm
qemu-block-iscsi-6.2.0-150400.37.20.1.x86_64.rpm
qemu-block-rbd-6.2.0-150400.37.20.1.x86_64.rpm
qemu-block-ssh-6.2.0-150400.37.20.1.x86_64.rpm
qemu-chardev-baum-6.2.0-150400.37.20.1.x86_64.rpm
qemu-chardev-spice-6.2.0-150400.37.20.1.x86_64.rpm
qemu-guest-agent-6.2.0-150400.37.20.1.x86_64.rpm
qemu-hw-display-qxl-6.2.0-150400.37.20.1.x86_64.rpm
qemu-hw-display-virtio-gpu-6.2.0-150400.37.20.1.x86_64.rpm
qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.20.1.x86_64.rpm
qemu-hw-display-virtio-vga-6.2.0-150400.37.20.1.x86_64.rpm
qemu-hw-usb-host-6.2.0-150400.37.20.1.x86_64.rpm
qemu-hw-usb-redirect-6.2.0-150400.37.20.1.x86_64.rpm
qemu-ipxe-1.0.0+-150400.37.20.1.noarch.rpm
qemu-ksm-6.2.0-150400.37.20.1.x86_64.rpm
qemu-kvm-6.2.0-150400.37.20.1.x86_64.rpm
qemu-lang-6.2.0-150400.37.20.1.x86_64.rpm
qemu-ui-curses-6.2.0-150400.37.20.1.x86_64.rpm
qemu-ui-gtk-6.2.0-150400.37.20.1.x86_64.rpm
qemu-ui-opengl-6.2.0-150400.37.20.1.x86_64.rpm
qemu-ui-spice-app-6.2.0-150400.37.20.1.x86_64.rpm
qemu-ui-spice-core-6.2.0-150400.37.20.1.x86_64.rpm
qemu-x86-6.2.0-150400.37.20.1.x86_64.rpm
qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.20.1.noarch.rpm
qemu-sgabios-8-150400.37.20.1.noarch.rpm
qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.20.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3363
Security update for krb5
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for krb5 fixes the following issues:
- CVE-2023-36054: Fixed a DoS that could be triggered by an authenticated remote user. (bsc#1214054)
krb5-1.19.2-150400.3.6.1.src.rpm
krb5-plugin-kdb-ldap-1.19.2-150400.3.6.1.x86_64.rpm
krb5-server-1.19.2-150400.3.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3347
Security update for postgresql15
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for postgresql15 fixes the following issues:
- Update to 15.4
- CVE-2023-39417: Fixed potential SQL injection for trusted extensions. (bsc#1214059)
- CVE-2023-39418: Fix MERGE to enforce row security. (bsc#1214061)
libecpg6-15.4-150200.5.12.1.x86_64.rpm
postgresql15-15.4-150200.5.12.1.src.rpm
postgresql15-contrib-15.4-150200.5.12.1.x86_64.rpm
postgresql15-devel-15.4-150200.5.12.1.x86_64.rpm
postgresql15-docs-15.4-150200.5.12.1.noarch.rpm
postgresql15-plperl-15.4-150200.5.12.1.x86_64.rpm
postgresql15-plpython-15.4-150200.5.12.1.x86_64.rpm
postgresql15-pltcl-15.4-150200.5.12.1.x86_64.rpm
postgresql15-server-15.4-150200.5.12.1.x86_64.rpm
postgresql15-server-devel-15.4-150200.5.12.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3348
Security update for postgresql15
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for postgresql15 fixes the following issues:
- Update to 14.9
- CVE-2023-39417: Fixed potential SQL injection for trusted extensions. (bsc#1214059)
postgresql14-14.9-150200.5.29.1.src.rpm
postgresql14-contrib-14.9-150200.5.29.1.x86_64.rpm
postgresql14-devel-14.9-150200.5.29.1.x86_64.rpm
postgresql14-docs-14.9-150200.5.29.1.noarch.rpm
postgresql14-plperl-14.9-150200.5.29.1.x86_64.rpm
postgresql14-plpython-14.9-150200.5.29.1.x86_64.rpm
postgresql14-pltcl-14.9-150200.5.29.1.x86_64.rpm
postgresql14-server-14.9-150200.5.29.1.x86_64.rpm
postgresql14-server-devel-14.9-150200.5.29.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3401
Security update for erlang
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for erlang fixes the following issues:
- Replaced the CVE-2022-37026 patch with the one released by the upstream to fix a regression in the previous one. (bsc#1205318)
erlang-22.3-150300.3.8.1.src.rpm
erlang-22.3-150300.3.8.1.x86_64.rpm
erlang-epmd-22.3-150300.3.8.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3395
Security update for xen
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for xen fixes the following issues:
- CVE-2023-20569: Fixed side channel attack Inception or RAS Poisoning. (bsc#1214082, XSA-434)
- CVE-2022-40982: Fixed transient execution attack called "Gather Data Sampling". (bsc#1214083, XSA-435)
- CVE-2023-20593: Fixed a ZenBleed issue in "Zen 2" CPUs that could allow an attacker to potentially access sensitive information. (bsc#1213616, XSA-433)
xen-4.16.5_02-150400.4.31.1.src.rpm
xen-4.16.5_02-150400.4.31.1.x86_64.rpm
xen-devel-4.16.5_02-150400.4.31.1.x86_64.rpm
xen-tools-4.16.5_02-150400.4.31.1.x86_64.rpm
xen-tools-xendomains-wait-disk-4.16.5_02-150400.4.31.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3412
Recommended update for 389-ds
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for 389-ds fixes the following issues:
- SSSD client performance improvements (bsc#1212726)
- Update to version 2.0.17~git81.849cc42
389-ds-2.0.17~git81.849cc42-150400.3.31.1.src.rpm
389-ds-2.0.17~git81.849cc42-150400.3.31.1.x86_64.rpm
389-ds-devel-2.0.17~git81.849cc42-150400.3.31.1.x86_64.rpm
lib389-2.0.17~git81.849cc42-150400.3.31.1.x86_64.rpm
libsvrcore0-2.0.17~git81.849cc42-150400.3.31.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3979
Recommended update for mariadb
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for mariadb fixes the following issues:
- Update mariadb to 10.6.15:
https://mariadb.com/kb/en/mariadb-10-6-15-release-notes/
https://mariadb.com/kb/en/mariadb-10-6-15-changelog/
libmariadbd-devel-10.6.15-150400.3.29.3.x86_64.rpm
libmariadbd19-10.6.15-150400.3.29.3.x86_64.rpm
mariadb-10.6.15-150400.3.29.3.src.rpm
mariadb-10.6.15-150400.3.29.3.x86_64.rpm
mariadb-client-10.6.15-150400.3.29.3.x86_64.rpm
mariadb-errormessages-10.6.15-150400.3.29.3.noarch.rpm
mariadb-tools-10.6.15-150400.3.29.3.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3863
Security update for salt
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for salt fixes the following issues:
Security issues fixed:
- CVE-2023-20897: Fixed DOS in minion return. (bsc#1214796, bsc#1213441)
- CVE-2023-20898: Fixed an issue where Git Providers can read from the wrong environment because they get the same cache directory base
name. (bsc#1214797, bsc#1193948)
Bugs fixed:
- Create minion_id with reproducible mtime
- Fix broken tests to make them run in the testsuite
- Fix detection of Salt codename by "salt_version" execution module
- Fix inconsistency in reported version by egg-info metadata (bsc#1215489)
- Fix regression: multiple values for keyword argument 'saltenv' (bsc#1212844)
- Fix the regression of user.present state when group is unset (bsc#1212855)
- Fix utf8 handling in 'pass' renderer and make it more robust
- Fix zypper repositories always being reconfigured
- Make sure configured user is properly set by Salt (bsc#1210994)
- Prevent possible exceptions on salt.utils.user.get_group_dict (bsc#1212794)
- Revert usage of long running REQ channel to prevent possible missing responses on requests and duplicated responses
(bsc#1213960, bsc#1213630, bsc#1213257)
salt-3006.0-150400.8.44.1.src.rpm
True
salt-api-3006.0-150400.8.44.1.x86_64.rpm
True
salt-cloud-3006.0-150400.8.44.1.x86_64.rpm
True
salt-fish-completion-3006.0-150400.8.44.1.noarch.rpm
True
salt-master-3006.0-150400.8.44.1.x86_64.rpm
True
salt-proxy-3006.0-150400.8.44.1.x86_64.rpm
True
salt-ssh-3006.0-150400.8.44.1.x86_64.rpm
True
salt-standalone-formulas-configuration-3006.0-150400.8.44.1.x86_64.rpm
True
salt-syndic-3006.0-150400.8.44.1.x86_64.rpm
True
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3762
Security update for frr
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for frr fixes the following issues:
- CVE-2023-38802: Fixed bad length handling when processing BGP attributes. (bsc#1213284)
- CVE-2023-41358: Fixed a possible crash when processing NLRIs with an attribute length of zero. (bsc#1214735)
- CVE-2023-41909: Fixed NULL pointer dereference due to processing in bgp_nlri_parse_flowspec (bsc#1215065).
frr-7.4-150300.4.17.1.src.rpm
frr-7.4-150300.4.17.1.x86_64.rpm
frr-devel-7.4-150300.4.17.1.x86_64.rpm
libfrr0-7.4-150300.4.17.1.x86_64.rpm
libfrr_pb0-7.4-150300.4.17.1.x86_64.rpm
libfrrcares0-7.4-150300.4.17.1.x86_64.rpm
libfrrfpm_pb0-7.4-150300.4.17.1.x86_64.rpm
libfrrgrpc_pb0-7.4-150300.4.17.1.x86_64.rpm
libfrrospfapiclient0-7.4-150300.4.17.1.x86_64.rpm
libfrrsnmp0-7.4-150300.4.17.1.x86_64.rpm
libfrrzmq0-7.4-150300.4.17.1.x86_64.rpm
libmlag_pb0-7.4-150300.4.17.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3856
Recommended update for apparmor
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for apparmor fixes the following issues:
- Update zgrep profile to allow egrep helper use (bsc#1214458)
apache2-mod_apparmor-3.0.4-150400.5.9.1.x86_64.rpm
apparmor-3.0.4-150400.5.9.1.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4195
Recommended update for mariadb-connector-c
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for mariadb-connector-c fixes the following issues:
- Update to release 3.1.21:
* https://mariadb.com/kb/en/mariadb-connector-c-3-1-21-release-notes/
* https://mariadb.com/kb/en/mariadb-connector-c-3-1-20-release-notes/
* https://mariadb.com/kb/en/mariadb-connector-c-3-1-19-release-notes/
* https://mariadb.com/kb/en/mariadb-connectorc-3-1-18-release-notes/
* https://mariadb.com/kb/en/mariadb-connector-c-3117-release-notes/
* https://mariadb.com/kb/en/mariadb-connector-c-3116-release-notes/
* https://mariadb.com/kb/en/mariadb-connector-c-3115-release-notes/
* https://mariadb.com/kb/en/mariadb-connector-c-3114-release-notes/
libmariadb-devel-3.1.21-150000.3.33.3.x86_64.rpm
libmariadb_plugins-3.1.21-150000.3.33.3.x86_64.rpm
mariadb-connector-c-3.1.21-150000.3.33.3.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3737
Security update for bind
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for bind fixes the following issues:
Update to release 9.16.44:
- CVE-2023-3341: Fixed stack exhaustion flaw in control channel code that may cause named to terminate unexpectedly (bsc#1215472).
bind-9.16.44-150400.5.37.2.src.rpm
bind-9.16.44-150400.5.37.2.x86_64.rpm
bind-doc-9.16.44-150400.5.37.2.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3945
Security update for postfix
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for postfix fixes the following issues:
Security fixes:
- CVE-2023-32182: Fixed config_postfix SUSE specific script using potentially bad /tmp file (bsc#1211196).
Other fixes:
- postfix: config.postfix causes too tight permission on main.cf (bsc#1215372).
postfix-3.5.9-150300.5.12.2.src.rpm
postfix-mysql-3.5.9-150300.5.12.2.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3832
Security update for xen
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for xen fixes the following issues:
- CVE-2023-20588: Fixed AMD CPU transitional execution leak via division by zero (XSA-439) (bsc#1215474).
- CVE-2023-34322: Fixed top-level shadow reference dropped too early for 64-bit PV guests (XSA-438) (bsc#1215145).
xen-4.16.5_04-150400.4.34.1.src.rpm
True
xen-4.16.5_04-150400.4.34.1.x86_64.rpm
True
xen-devel-4.16.5_04-150400.4.34.1.x86_64.rpm
True
xen-tools-4.16.5_04-150400.4.34.1.x86_64.rpm
True
xen-tools-xendomains-wait-disk-4.16.5_04-150400.4.34.1.noarch.rpm
True
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4140
Security update for grub2
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for grub2 fixes the following issues:
Security fixes:
- CVE-2023-4692: Fixed an out-of-bounds write at fs/ntfs.c which may lead to unsigned code execution. (bsc#1215935)
- CVE-2023-4693: Fixed an out-of-bounds read at fs/ntfs.c which may lead to a leak of sensitive information. (bsc#1215936)
Other fixes:
- Fix a boot delay issue in PowerPC PXE boot (bsc#1201300)
grub2-2.06-150400.11.38.1.src.rpm
grub2-x86_64-xen-2.06-150400.11.38.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-3839
Security update for quagga
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for quagga fixes the following issues:
- CVE-2023-38802: Fixed bad length handling in BGP attribute handling (bsc#1213284).
- CVE-2023-41358: Fixed possible crash when processing NLRIs if the attribute length is zero
(bsc#1214735).
libfpm_pb0-1.1.1-150400.12.5.1.x86_64.rpm
libospf0-1.1.1-150400.12.5.1.x86_64.rpm
libospfapiclient0-1.1.1-150400.12.5.1.x86_64.rpm
libquagga_pb0-1.1.1-150400.12.5.1.x86_64.rpm
libzebra1-1.1.1-150400.12.5.1.x86_64.rpm
quagga-1.1.1-150400.12.5.1.src.rpm
quagga-1.1.1-150400.12.5.1.x86_64.rpm
quagga-devel-1.1.1-150400.12.5.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4128
Recommended update for sca-patterns-base, sca-patterns-sle11, sca-patterns-sle12, sca-patterns-sle15, sca-server-report
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for sca-patterns-base, sca-patterns-sle11, sca-patterns-sle12, sca-patterns-sle15, sca-server-report fixes the following issues:
sca-patterns-base was updated to version 1.5.2:
+ Fixed scatool email failure with python3 (bsc#1192315)
+ Allow batch mode that does not have progress bar issue#13 (pr#14)
+ Added quiet and debug modes issue#11
sca-patterns-sle11 was updated to version 1.5.2
+ Fixed SUSE.getRpmInfo to find the correct rpm.txt section (bsc#1210908)
+ Changes to python/SUSE.py version 1.0.1
- Changed name from getScInfo to getSCInfo
- Fixed getSCInfo error on basic-environment.txt (bsc#1205826)
- Updated SLES version constants
Changes to version 1.5.1
+ Fixed UnicodeDecodeError when reading files (bsc#1204723)
Changes in version 1.5.5
- New patterns (2) (bsc#1214837):
+ sle15sp4/kabi-000021148.py: Pattern for TID000021148
+ sle15sp5/vmwgfx-000021151.py: Pattern for TID000021151
- New security announcement patterns as of Aug 2023 (140).
- New security announcement patterns as of May 2023 (881).
Changes in version 1.5.3
- New regular patterns (3)
+ sle15sp2/freeused-000020894.py: Pattern for TID000020894
+ sle15sp3/freeused-000020894.py: Pattern for TID000020894
+ sle15sp4/freeused-000020894.py: Pattern for TID000020894
Changes in version 1.5.3
- Updated category in btrfsmaster-000018779.py (bsc#1188138)
- sle15all/bhc-kernelload-00001.py fixed division by zero (bsc#1204721)
- sle15all/lvmsnapshot-000019858.py KeyError (bsc#1204724)
- New regular patterns (7)
+ sle15all/vimerr-000020735.py: Pattern for TID000020735
+ sle15all/nmiconfig-000020754.py: Pattern for TID000020754
+ sle15sp2/kmpdracut-000020799.py: Pattern for TID000020799
+ sle15sp3/kmpdracut-000020799.py: Pattern for TID000020799
+ sle15sp3/sssdad-000020793.py: Pattern for TID000020793
+ sle15sp4/drbdresdir-000020749.py: Pattern for TID000020749
+ sle15sp4/sssdad-000020793.py: Pattern for TID000020793
- New security announcement patterns (1426)
Additional patterns in version 1.5.2
+ sle15all/azurenetaccel-000020694.py: Azure Accelerated Networking fails (bsc#1201522)
+ sle15all/traceprintk-000020680.py: trace_printk() Messages in System Logs (bsc#1201523)
Changes in version 1.5.2
+ Check setup-sca php version mismatch (bsc#1201011)
+ SCA schema pattern check (tid#000020689)
+ kernel crashes at nfs4_get_valid_delegation (tid#000020688)
Changes in version 1.5.1
+ IRQ vector affinity issue
+ TID000020653 NFS mount attempt with vers=n returns invalid argument or incorrect mount option
Changes in version 1.5.5
- New security announcement patterns as of Aug 2023 (159) (bsc#1214837):
- New security announcement patterns as of May 2023 (543).
Changes in version 1.5.3
- Updated category in btrfsmaster-000018779.py (bsc#1188138)
- Fixed invalid link in lvm-00003.pl (bsc#1186148)
- Removed invalid pattern dst-00001.pl (bsc#1188137)
- Removed or fixed patterns with no valid solution links (bsc#1204772)
- New regular patterns (1)
+ sle12all/nmiconfig-000020754.py: Pattern for TID000020754
- New security announcement patterns (831)
Additional patterns in version 1.5.2
+ sle12all/azurenetaccel-000020694.py: Azure Accelerated Networking fails (bsc#1201522)
+ sle12all/traceprintk-000020680.py: trace_printk() Messages in System Logs (bsc#1201523)
Changes in version 1.5.2
+ SCA schema pattern check
Changes in version 1.5.3
- New security announcement patterns as of Aug 2023 (12) (bsc#1214837)
Changes in version 1.5.2
- New security announcement patterns (14)
Changes in version 1.5.2
- Fixed sca-patterns-sle11 invalid solution links (bsc#1204776)
sca-patterns-base-1.5.2-150400.3.3.1.noarch.rpm
sca-patterns-base-1.5.2-150400.3.3.1.src.rpm
sca-patterns-sle11-1.5.3-150400.3.3.1.noarch.rpm
sca-patterns-sle11-1.5.3-150400.3.3.1.src.rpm
sca-patterns-sle12-1.5.5-150400.3.3.1.noarch.rpm
sca-patterns-sle12-1.5.5-150400.3.3.1.src.rpm
sca-patterns-sle15-1.5.5-150400.3.3.1.noarch.rpm
sca-patterns-sle15-1.5.5-150400.3.3.1.src.rpm
sca-server-report-1.5.2-150400.3.3.1.noarch.rpm
sca-server-report-1.5.2-150400.3.3.1.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4552
Recommended update for libteam
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for libteam fixes the following issues:
- Document ARP Ping link_watch.vlanid option in teamd.conf man page (bsc#1215527)
libteam-1.27-150000.4.12.1.src.rpm
libteam-tools-1.27-150000.4.12.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4109
Security update for erlang
critical
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for erlang fixes the following issues:
- Updated to version 23.3.4.19 (jsc#PED-6209):
- CVE-2022-37026: Complete a previous insufficient fix for an
authentication bypass (bsc#1205318).
erlang-23.3.4.19-150300.3.11.1.src.rpm
erlang-23.3.4.19-150300.3.11.1.x86_64.rpm
erlang-epmd-23.3.4.19-150300.3.11.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4056
Security update for qemu
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for qemu fixes the following issues:
- CVE-2023-3180: Fixed a buffer overflow in the virtio-crypto device
(bsc#1213925).
- CVE-2021-3750: Fixed a DMA reentrancy in the USB EHCI device that
could lead to use-after-free (bsc#1190011).
- CVE-2021-3638: Fixed a buffer overflow in the ati-vga device
(bsc#1188609).
- CVE-2023-3354: Fixed an issue when performing a TLS handshake that
could lead to remote denial of service via VNC connection
(bsc#1212850).
- CVE-2023-0330: Fixed a DMA reentrancy issue in the lsi53c895a device
that could lead to a stack overflow (bsc#1207205).
Non-security fixes:
- Fixed a potential build issue in the librm subcomponent
(bsc#1215311).
- Fixed a potential crash during VM migration (bsc#1213663).
- Fixed potential issues during installation on a Xen host
(bsc#1179993, bsc#1181740).
qemu-6.2.0-150400.37.23.1.src.rpm
qemu-6.2.0-150400.37.23.1.x86_64.rpm
qemu-accel-tcg-x86-6.2.0-150400.37.23.1.x86_64.rpm
qemu-audio-alsa-6.2.0-150400.37.23.1.x86_64.rpm
qemu-audio-pa-6.2.0-150400.37.23.1.x86_64.rpm
qemu-audio-spice-6.2.0-150400.37.23.1.x86_64.rpm
qemu-block-curl-6.2.0-150400.37.23.1.x86_64.rpm
qemu-block-iscsi-6.2.0-150400.37.23.1.x86_64.rpm
qemu-block-rbd-6.2.0-150400.37.23.1.x86_64.rpm
qemu-block-ssh-6.2.0-150400.37.23.1.x86_64.rpm
qemu-chardev-baum-6.2.0-150400.37.23.1.x86_64.rpm
qemu-chardev-spice-6.2.0-150400.37.23.1.x86_64.rpm
qemu-guest-agent-6.2.0-150400.37.23.1.x86_64.rpm
qemu-hw-display-qxl-6.2.0-150400.37.23.1.x86_64.rpm
qemu-hw-display-virtio-gpu-6.2.0-150400.37.23.1.x86_64.rpm
qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.23.1.x86_64.rpm
qemu-hw-display-virtio-vga-6.2.0-150400.37.23.1.x86_64.rpm
qemu-hw-usb-host-6.2.0-150400.37.23.1.x86_64.rpm
qemu-hw-usb-redirect-6.2.0-150400.37.23.1.x86_64.rpm
qemu-ipxe-1.0.0+-150400.37.23.1.noarch.rpm
qemu-ksm-6.2.0-150400.37.23.1.x86_64.rpm
qemu-kvm-6.2.0-150400.37.23.1.x86_64.rpm
qemu-lang-6.2.0-150400.37.23.1.x86_64.rpm
qemu-ui-curses-6.2.0-150400.37.23.1.x86_64.rpm
qemu-ui-gtk-6.2.0-150400.37.23.1.x86_64.rpm
qemu-ui-opengl-6.2.0-150400.37.23.1.x86_64.rpm
qemu-ui-spice-app-6.2.0-150400.37.23.1.x86_64.rpm
qemu-ui-spice-core-6.2.0-150400.37.23.1.x86_64.rpm
qemu-x86-6.2.0-150400.37.23.1.x86_64.rpm
qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.23.1.noarch.rpm
qemu-sgabios-8-150400.37.23.1.noarch.rpm
qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.23.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4055
Security update for xen
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for xen fixes the following issues:
- CVE-2023-34323: A transaction conflict can crash C Xenstored (XSA-440, bsc#1215744)
- CVE-2023-34326: Missing IOMMU TLB flushing (XSA-442, bsc#1215746)
- CVE-2023-34325: Multiple vulnerabilities in libfsimage disk handling (XSA-443, bsc#1215747)
- CVE-2023-34327: Debug Mask handling (XSA-444, bsc#1215748)
- CVE-2023-34328: Debug Mask handling (XSA-444, bsc#1215748)
xen-4.16.5_06-150400.4.37.1.src.rpm
xen-4.16.5_06-150400.4.37.1.x86_64.rpm
xen-devel-4.16.5_06-150400.4.37.1.x86_64.rpm
xen-tools-4.16.5_06-150400.4.37.1.x86_64.rpm
xen-tools-xendomains-wait-disk-4.16.5_06-150400.4.37.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4460
Recommended update for rsyslog
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for rsyslog fixes the following issue:
- fix rsyslog crash in imrelp (bsc#1210286)
rsyslog-8.2306.0-150400.5.21.1.src.rpm
rsyslog-module-gssapi-8.2306.0-150400.5.21.1.x86_64.rpm
rsyslog-module-gtls-8.2306.0-150400.5.21.1.x86_64.rpm
rsyslog-module-mmnormalize-8.2306.0-150400.5.21.1.x86_64.rpm
rsyslog-module-mysql-8.2306.0-150400.5.21.1.x86_64.rpm
rsyslog-module-pgsql-8.2306.0-150400.5.21.1.x86_64.rpm
rsyslog-module-relp-8.2306.0-150400.5.21.1.x86_64.rpm
rsyslog-module-snmp-8.2306.0-150400.5.21.1.x86_64.rpm
rsyslog-module-udpspoof-8.2306.0-150400.5.21.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4387
Security update for salt
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for salt fixes the following issues:
Security issues fixed:
- CVE-2023-34049: arbitrary code execution via symlink attack (bsc#1215157)
Bugs fixed:
- Fix optimization_order opt to prevent testsuite failures
- Improve salt.utils.json.find_json to avoid failures (bsc#1213293)
- Use salt-call from salt bundle with transactional_update
- Only call native_str on curl_debug message in tornado when needed
- Implement the calling for batch async from the salt CLI
- Fix calculation of SLS context vars when trailing dots
on targeted sls/state (bsc#1213518)
- Rename salt-tests to python3-salt-testsuite
- Allow all primitive grain types for autosign_grains (bsc#1214477)
salt-3006.0-150400.8.49.2.src.rpm
True
salt-api-3006.0-150400.8.49.2.x86_64.rpm
True
salt-cloud-3006.0-150400.8.49.2.x86_64.rpm
True
salt-fish-completion-3006.0-150400.8.49.2.noarch.rpm
True
salt-master-3006.0-150400.8.49.2.x86_64.rpm
True
salt-proxy-3006.0-150400.8.49.2.x86_64.rpm
True
salt-ssh-3006.0-150400.8.49.2.x86_64.rpm
True
salt-standalone-formulas-configuration-3006.0-150400.8.49.2.x86_64.rpm
True
salt-syndic-3006.0-150400.8.49.2.x86_64.rpm
True
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4897
Optional update for openslp
low
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for openslp bumps the version number to ensure a clean upgrade path from SLE-12 to SLE-15.
This is a no-change rebuild of the packages already available in SLE-15.
openslp-2.0.0-150000.6.17.1.src.rpm
openslp-server-2.0.0-150000.6.17.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4673
Recommended update for patterns-server-enterprise
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for patterns-server-enterprise fixes the following issue:
- [aarch64] install system with all patterns, nothing provides 'sapconf' when installing 'sap_server'. (bsc#1214811)
patterns-server-enterprise-20171206-150100.12.9.1.src.rpm
patterns-server-enterprise-oracle_server-20171206-150100.12.9.1.x86_64.rpm
patterns-server-enterprise-oracle_server-32bit-20171206-150100.12.9.1.x86_64.rpm
patterns-server-enterprise-sap_server-20230902-150100.12.9.1.x86_64.rpm
patterns-server-enterprise-sap_server-32bit-20171206-150100.12.9.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4290
Security update for redis
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for redis fixes the following issues:
- CVE-2023-45145: Fixed a potential permission bypass due to a race
condition during UNIX socket creation (bsc#1216376).
redis-6.2.6-150400.3.25.1.src.rpm
redis-6.2.6-150400.3.25.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2024-106
Security update for postgresql, postgresql15, postgresql16
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for postgresql, postgresql15, postgresql16 fixes the following issues:
This update ships postgresql 16.
Security issues fixed:
* CVE-2023-5868: Fix handling of unknown-type
arguments in DISTINCT "any" aggregate functions. This error led
to a text-type value being interpreted as an unknown-type value
(that is, a zero-terminated string) at runtime. This could
result in disclosure of server memory following the text value. (bsc#1216962)
* CVE-2023-5869: Detect integer overflow while
computing new array dimensions. When assigning new elements to
array subscripts that are outside the current array bounds, an
undetected integer overflow could occur in edge cases. Memory
stomps that are potentially exploitable for arbitrary code
execution are possible, and so is disclosure of server memory. (bsc#1216961)
* CVE-2023-5870: Prevent the pg_signal_backend role
from signalling background workers and autovacuum processes.
The documentation says that pg_signal_backend cannot issue
signals to superuser-owned processes. It was able to signal
these background processes, though, because they advertise a
role OID of zero. Treat that as indicating superuser ownership.
The security implications of cancelling one of these process
types are fairly small so far as the core code goes (we'll just
start another one), but extensions might add background workers
that are more vulnerable.
Also ensure that the is_superuser parameter is set correctly in
such processes. No specific security consequences are known for
that oversight, but it might be significant for some extensions.
(bsc#1216960)
Changes in postgresql16:
- Upgrade to 16.1:
* https://www.postgresql.org/about/news/2715
* https://www.postgresql.org/docs/16/release-16.html
* https://www.postgresql.org/docs/16/release-16-1.html
- Overhaul postgresql-README.SUSE and move it from the binary
package to the noarch wrapper package.
- Change the unix domain socket location from /var/run to /run.
Changes in postgresql15:
- Update to 15.5 https://www.postgresql.org/docs/15/release-15-5.html
- The libs and mini package are now provided by postgresql16.
- Overhaul postgresql-README.SUSE and move it from the binary
package to the noarch wrapper package.
- Change the unix domain socket location from /var/run to /run.
Changes in postgresql:
- Interlock version and release of all noarch packages except for
the postgresql-docs.
- bsc#1122892: Add a sysconfig variable for initdb.
- Overhaul postgresql-README.SUSE and move it from the binary
package to the noarch wrapper package.
- bsc#1179231: Add an explanation for the /tmp -> /run/postgresql
move and permission change.
- Add postgresql-README as a separate source file.
- bsc#1209208: Drop hard dependency on systemd
- bsc#1206796: Refine the distinction of where to use sysusers and
use bcond to have the expression only in one place.
libecpg6-16.1-150200.5.7.1.x86_64.rpm
postgresql-16-150400.4.9.2.src.rpm
postgresql-contrib-16-150400.4.9.2.noarch.rpm
postgresql-devel-16-150400.4.9.2.noarch.rpm
postgresql-docs-16-150400.4.9.2.noarch.rpm
postgresql-plperl-16-150400.4.9.2.noarch.rpm
postgresql-plpython-16-150400.4.9.2.noarch.rpm
postgresql-pltcl-16-150400.4.9.2.noarch.rpm
postgresql-server-16-150400.4.9.2.noarch.rpm
postgresql-server-devel-16-150400.4.9.2.noarch.rpm
postgresql15-15.5-150200.5.19.1.src.rpm
postgresql15-contrib-15.5-150200.5.19.1.x86_64.rpm
postgresql15-devel-15.5-150200.5.19.1.x86_64.rpm
postgresql15-docs-15.5-150200.5.19.1.noarch.rpm
postgresql15-plperl-15.5-150200.5.19.1.x86_64.rpm
postgresql15-plpython-15.5-150200.5.19.1.x86_64.rpm
postgresql15-pltcl-15.5-150200.5.19.1.x86_64.rpm
postgresql15-server-15.5-150200.5.19.1.x86_64.rpm
postgresql15-server-devel-15.5-150200.5.19.1.x86_64.rpm
postgresql16-16.1-150200.5.7.1.src.rpm
postgresql16-contrib-16.1-150200.5.7.1.x86_64.rpm
postgresql16-devel-16.1-150200.5.7.1.x86_64.rpm
postgresql16-docs-16.1-150200.5.7.1.noarch.rpm
postgresql16-plperl-16.1-150200.5.7.1.x86_64.rpm
postgresql16-plpython-16.1-150200.5.7.1.x86_64.rpm
postgresql16-pltcl-16.1-150200.5.7.1.x86_64.rpm
postgresql16-server-16.1-150200.5.7.1.x86_64.rpm
postgresql16-server-devel-16.1-150200.5.7.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4479
Security update for postgresql14
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for postgresql14 fixes the following issues:
Security issues fixed:
* CVE-2023-5868: Fix handling of unknown-type
arguments in DISTINCT "any" aggregate functions. This error led
to a text-type value being interpreted as an unknown-type value
(that is, a zero-terminated string) at runtime. This could
result in disclosure of server memory following the text value. (bsc#1216962)
* CVE-2023-5869: Detect integer overflow while
computing new array dimensions. When assigning new elements to
array subscripts that are outside the current array bounds, an
undetected integer overflow could occur in edge cases. Memory
stomps that are potentially exploitable for arbitrary code
execution are possible, and so is disclosure of server memory. (bsc#1216961)
* CVE-2023-5870: Prevent the pg_signal_backend role
from signalling background workers and autovacuum processes.
The documentation says that pg_signal_backend cannot issue
signals to superuser-owned processes. It was able to signal
these background processes, though, because they advertise a
role OID of zero. Treat that as indicating superuser ownership.
The security implications of cancelling one of these process
types are fairly small so far as the core code goes (we'll just
start another one), but extensions might add background workers
that are more vulnerable.
Also ensure that the is_superuser parameter is set correctly in
such processes. No specific security consequences are known for
that oversight, but it might be significant for some extensions.
(bsc#1216960)
- update to 14.10: https://www.postgresql.org/docs/14/release-14-10.html
- Overhaul postgresql-README.SUSE and move it from the binary
package to the noarch wrapper package.
- Change the unix domain socket location from /var/run to /run.
postgresql14-14.10-150200.5.36.1.src.rpm
postgresql14-contrib-14.10-150200.5.36.1.x86_64.rpm
postgresql14-devel-14.10-150200.5.36.1.x86_64.rpm
postgresql14-docs-14.10-150200.5.36.1.noarch.rpm
postgresql14-plperl-14.10-150200.5.36.1.x86_64.rpm
postgresql14-plpython-14.10-150200.5.36.1.x86_64.rpm
postgresql14-pltcl-14.10-150200.5.36.1.x86_64.rpm
postgresql14-server-14.10-150200.5.36.1.x86_64.rpm
postgresql14-server-devel-14.10-150200.5.36.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4430
Security update for apache2
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for apache2 fixes the following issues:
- CVE-2023-31122: Fixed an out of bounds read in mod_macro (bsc#1216424).
Non-security fixes:
- Fixed the content type handling in mod_proxy_http2 (bsc#1214357).
- Fixed a floating point exception crash (bsc#1207399).
apache2-2.4.51-150400.6.14.1.src.rpm
apache2-devel-2.4.51-150400.6.14.1.x86_64.rpm
apache2-doc-2.4.51-150400.6.14.1.noarch.rpm
apache2-worker-2.4.51-150400.6.14.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4483
Security update for frr
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for frr fixes the following issues:
- CVE-2023-46752: Fixed denial of service caused by mishandling malformed MP_REACH_NLRI data (bsc#1216627).
- CVE-2023-46753: Fixed denial of service caused by crafted BGP UPDATE messages (bsc#1216626).
frr-7.4-150300.4.20.1.src.rpm
frr-7.4-150300.4.20.1.x86_64.rpm
frr-devel-7.4-150300.4.20.1.x86_64.rpm
libfrr0-7.4-150300.4.20.1.x86_64.rpm
libfrr_pb0-7.4-150300.4.20.1.x86_64.rpm
libfrrcares0-7.4-150300.4.20.1.x86_64.rpm
libfrrfpm_pb0-7.4-150300.4.20.1.x86_64.rpm
libfrrgrpc_pb0-7.4-150300.4.20.1.x86_64.rpm
libfrrospfapiclient0-7.4-150300.4.20.1.x86_64.rpm
libfrrsnmp0-7.4-150300.4.20.1.x86_64.rpm
libfrrzmq0-7.4-150300.4.20.1.x86_64.rpm
libmlag_pb0-7.4-150300.4.20.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4380
Security update for squid
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for squid fixes the following issues:
- CVE-2023-46846: Request/Response smuggling in HTTP/1.1 and ICAP (bsc#1216500).
- CVE-2023-46847: Denial of Service in HTTP Digest Authentication (bsc#1216495).
- CVE-2023-46724: Fix validation of certificates with CN=* (bsc#1216803).
- CVE-2023-46848: Denial of Service in FTP (bsc#1216498).
squid-5.7-150400.3.12.1.src.rpm
squid-5.7-150400.3.12.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4618
Recommended update for orarun
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for orarun fixes the following issues:
- Fixed 'grep: oracle: No such file or directory' error during oracle user login with csh/tcsh
(/etc/profile.d/oracle.csh) (bsc#1216566)
orarun-2.1-150400.22.3.1.src.rpm
orarun-2.1-150400.22.3.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4477
Recommended update for grub2
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for grub2 fixes the following issues:
- Fix failure to identify recent ext4 filesystem (bsc#1216010)
- Fix reading files from btrfs with "implicit" holes
- Fix fadump not working with 1GB/2GB/4GB LMB[P10] (bsc#1216253)
- Fix detection of encrypted disk's uuid in powerpc (bsc#1216075)
grub2-2.06-150400.11.41.1.src.rpm
grub2-x86_64-xen-2.06-150400.11.41.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4476
Security update for xen
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for xen fixes the following issues:
- CVE-2023-20588: AMD CPU transitional execution leak via division by zero (XSA-439) (bsc#1215474).
- CVE-2023-34322: top-level shadow reference dropped too early for 64-bit PV guests (XSA-438) (bsc#1215145).
- CVE-2023-34325: Multiple vulnerabilities in libfsimage disk handling (XSA-443) (bsc#1215747).
- CVE-2023-34326: x86/AMD: missing IOMMU TLB flushing (XSA-442) (bsc#1215746).
- CVE-2023-34327,CVE-2023-34328: x86/AMD: Debug Mask handling (XSA-444) (bsc#1215748).
- CVE-2023-46835: x86/AMD: mismatch in IOMMU quarantine page table levels (XSA-445) (bsc#1216654).
- CVE-2023-46836: x86: BTC/SRSO fixes not fully effective (XSA-446) (bsc#1216807).
- Upstream bug fixes (bsc#1027519)
xen-4.16.5_08-150400.4.40.1.src.rpm
xen-4.16.5_08-150400.4.40.1.x86_64.rpm
xen-devel-4.16.5_08-150400.4.40.1.x86_64.rpm
xen-tools-4.16.5_08-150400.4.40.1.x86_64.rpm
xen-tools-xendomains-wait-disk-4.16.5_08-150400.4.40.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4513
Security update for apache2-mod_jk
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for apache2-mod_jk fixes the following issues:
Update to version 1.2.49:
Apache
* Retrieve default request id from mod_unique_id. It can also be
taken from an arbitrary environment variable by configuring
"JkRequestIdIndicator".
* Don't delegate the generation of the response body to httpd
when the status code represents an error if the request used
the HEAD method.
* Only export the main module symbol. Visibility of module
internal symbols led to crashes when conflicting with library
symbols. Based on a patch provided by Josef Čejka.
* Remove support for implicit mapping of requests to workers.
All mappings must now be explicit.
IIS
* Set default request id as a GUID. It can also be taken from an
arbitrary request header by configuring "request_id_header".
* Fix non-empty check for the Translate header.
Common
* Fix compiler warning when initializing and copying fixed
length strings.
* Add a request id to mod_jk log lines.
* Enable configure to find the correct sizes for pid_t and
pthread_t when building on MacOS.
* Fix Clang 15/16 compatibility. Pull request #6 provided by
Sam James.
* Improve XSS hardening in status worker.
* Add additional bounds and error checking when reading AJP
messages.
Docs
* Remove support for the Netscape / Sun ONE / Oracle iPlanet Web
Server as the product has been retired.
* Remove links to the old JK2 documentation. The JK2
documentation is still available, it is just no longer linked
from the current JK documentation.
* Restructure subsections in changelog starting with version
1.2.45.
Changes for 1.2.47 and 1.2.48 updates:
* Add: Apache: Extend trace level logging of method entry/exit to
aid debugging of request mapping issues.
* Fix: Apache: Fix a bug in the normalization checks that prevented
file based requests, such as SSI file includes, from being processed.
* Fix: Apache: When using JkAutoAlias, ensure that files that include
spaces in their name are accessible.
* Update: Common: Update the documentation to reflect that the source
code for the Apache Tomcat Connectors has moved from Subversion to Git.
* Fix: Common: When using set_session_cookie, ensure that an updated session
cookie is issued if the load-balancer has to failover to a different worker.
* Update: Common: Update config.guess and config.sub from
https://git.savannah.gnu.org/git/config.git.
* Update: Common: Update release script for migration to git.
Update to version 1.2.46
Fixes:
* Apache: Fix regression in 1.2.44 which resulted in
socket_connect_timeout to be interpreted in units of seconds
instead of milliseconds on platforms that provide poll(). (rjung)
* Security: CVE-2018-11759 Connector path traversal [bsc#1114612]
Update to version 1.2.45
Fixes:
* Correct regression in 1.2.44 that broke request handling for
OPTIONS * requests. (rjung)
* Improve path parameter parsing so that the session ID specified
by the session_path worker property for load-balanced workers
can be extracted from a path parameter in any segment of the
URI, rather than only from the final segment. (markt)
* Apache: Improve path parameter handling so that JkStripSession
can remove session IDs that are specified on path parameters in any
segment of the URI rather than only the final segment. (markt)
* IIS: Improve path parameter handling so that strip_session can
remove session IDs that are specified on path parameters in any
segment of the URI rather than only the final segment. (markt)
Updates:
* Apache: Update the documentation to note additional
limitations of the JkAutoAlias directive. (markt)
Code:
* Common: Optimize path parameter handling. (rjung)
Update to version 1.2.44
Updates:
* Remove the Novell Netware make files and Netware specific source
code since there has not been a supported version of Netware
available for over five years. (markt)
* Apache: Update the documentation to use httpd 2.4.x style access
control directives. (markt)
* Update PCRE bundled with the ISAPI redirector to 8.42. (rjung)
* Update config.guess and config.sub from
https://git.savannah.gnu.org/git/config.git. (rjung)
Fixes:
* Common: Use Local, rather than Global, mutexes on Windows to
better support multi-user environments. (markt)
* Apache: Use poll rather than select to avoid the limitations of
select triggering an httpd crash. Patch provided by Koen Wilde. (markt)
* ISAPI: Remove the check that rejects requests that contain path
segments that match WEB-INF or META-INF as it duplicates a check
that Tomcat performs and, because ISAPI does not have visibility of
the current context path, it is impossible to implement this check
without valid requests being rejected. (markt)
* Refactor normalisation of request URIs to a common location and align
the normalisation implementation for mod_jk with that implemented by
Tomcat. (markt)
Add:
* Clarify the behaviour of lb workers when all ajp13 workers fail with
particular reference to the role of the retries attribute. (markt)
* Add the new load-balancer worker property lb_retries to improve the
control over the number of retries. Based on a patch provided by
Frederik Nosi. (markt)
* Add a note to the documentation that the CollapseSlashes options are
now effectively hard-coded to CollapseSlashesAll due to the changes
made to align normalization with that implemented in Tomcat. (markt)
apache2-mod_jk-1.2.49-150100.6.6.1.src.rpm
apache2-mod_jk-1.2.49-150100.6.6.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4881
Recommended update for ipmitool
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for ipmitool fixes the following issues:
- Fix unsupported LAN parameter lookup error (bsc#1216556)
ipmitool-1.8.18.238.gb7adc1d-150400.3.6.1.src.rpm
ipmitool-bmc-snmp-proxy-1.8.18.238.gb7adc1d-150400.3.6.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4607
Security update for python3-Twisted
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for python3-Twisted fixes the following issues:
- CVE-2023-46137: Fixed issue inside serializing pipelined HTTP requests. (bsc#1216588)
python3-Twisted-22.2.0-150400.15.1.src.rpm
python3-Twisted-22.2.0-150400.15.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4606
Recommended update for python-apache-libcloud
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for python-apache-libcloud fixes the following issues:
- list_nodes() function in the Azure ARM driver does not handle pagination and
does not return all the VMs for a subscription (bsc#1214808)
python-apache-libcloud-3.3.1-150300.3.3.1.src.rpm
python3-apache-libcloud-3.3.1-150300.3.3.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4573
Security update for openvswitch
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for openvswitch fixes the following issues:
- CVE-2023-5366: Fixed missing masks on a final stage with ports trie (bsc#1216002).
libopenvswitch-2_14-0-2.14.2-150400.24.14.2.x86_64.rpm
libovn-20_06-0-20.06.2-150400.24.14.2.x86_64.rpm
openvswitch-2.14.2-150400.24.14.2.src.rpm
openvswitch-2.14.2-150400.24.14.2.x86_64.rpm
openvswitch-devel-2.14.2-150400.24.14.2.x86_64.rpm
openvswitch-ipsec-2.14.2-150400.24.14.2.x86_64.rpm
openvswitch-pki-2.14.2-150400.24.14.2.x86_64.rpm
openvswitch-test-2.14.2-150400.24.14.2.x86_64.rpm
openvswitch-vtep-2.14.2-150400.24.14.2.x86_64.rpm
ovn-20.06.2-150400.24.14.2.x86_64.rpm
ovn-central-20.06.2-150400.24.14.2.x86_64.rpm
ovn-devel-20.06.2-150400.24.14.2.x86_64.rpm
ovn-docker-20.06.2-150400.24.14.2.x86_64.rpm
ovn-host-20.06.2-150400.24.14.2.x86_64.rpm
ovn-vtep-20.06.2-150400.24.14.2.x86_64.rpm
python3-ovs-2.14.2-150400.24.14.2.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4544
Security update for squid
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for squid fixes the following issues:
- CVE-2023-46728: Remove gopher support (bsc#1216926).
- Fixed overread in HTTP request header parsing (bsc#1217274).
squid-5.7-150400.3.15.1.src.rpm
squid-5.7-150400.3.15.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4939
Security update for rabbitmq-server
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for rabbitmq-server fixes the following issues:
- CVE-2023-46118: Introduce HTTP request body limit for definition uploads (bsc#1216582).
erlang-rabbitmq-client-3.8.11-150300.3.14.1.x86_64.rpm
rabbitmq-server-3.8.11-150300.3.14.1.src.rpm
rabbitmq-server-3.8.11-150300.3.14.1.x86_64.rpm
rabbitmq-server-plugins-3.8.11-150300.3.14.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4976
Recommended update for mariadb-connector-c
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for mariadb-connector-c fixes the following issue:
- Update to release 3.1.22:
libmariadb-devel-3.1.22-150000.3.36.1.x86_64.rpm
libmariadb_plugins-3.1.22-150000.3.36.1.x86_64.rpm
mariadb-connector-c-3.1.22-150000.3.36.1.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4681
Recommended update for qemu
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for qemu fixes the following issues:
- Fix migration issues by disabling transfer of acpi_index (bsc#1216985)
- Fix qemu crash on starting dirty log twice with stopped VM (bsc#1214367)
- Fix incorrect calls of log_global_start/stop (bsc#1214367)
qemu-6.2.0-150400.37.26.1.src.rpm
qemu-6.2.0-150400.37.26.1.x86_64.rpm
qemu-accel-tcg-x86-6.2.0-150400.37.26.1.x86_64.rpm
qemu-audio-alsa-6.2.0-150400.37.26.1.x86_64.rpm
qemu-audio-pa-6.2.0-150400.37.26.1.x86_64.rpm
qemu-audio-spice-6.2.0-150400.37.26.1.x86_64.rpm
qemu-block-curl-6.2.0-150400.37.26.1.x86_64.rpm
qemu-block-iscsi-6.2.0-150400.37.26.1.x86_64.rpm
qemu-block-rbd-6.2.0-150400.37.26.1.x86_64.rpm
qemu-block-ssh-6.2.0-150400.37.26.1.x86_64.rpm
qemu-chardev-baum-6.2.0-150400.37.26.1.x86_64.rpm
qemu-chardev-spice-6.2.0-150400.37.26.1.x86_64.rpm
qemu-guest-agent-6.2.0-150400.37.26.1.x86_64.rpm
qemu-hw-display-qxl-6.2.0-150400.37.26.1.x86_64.rpm
qemu-hw-display-virtio-gpu-6.2.0-150400.37.26.1.x86_64.rpm
qemu-hw-display-virtio-gpu-pci-6.2.0-150400.37.26.1.x86_64.rpm
qemu-hw-display-virtio-vga-6.2.0-150400.37.26.1.x86_64.rpm
qemu-hw-usb-host-6.2.0-150400.37.26.1.x86_64.rpm
qemu-hw-usb-redirect-6.2.0-150400.37.26.1.x86_64.rpm
qemu-ipxe-1.0.0+-150400.37.26.1.noarch.rpm
qemu-ksm-6.2.0-150400.37.26.1.x86_64.rpm
qemu-kvm-6.2.0-150400.37.26.1.x86_64.rpm
qemu-lang-6.2.0-150400.37.26.1.x86_64.rpm
qemu-ui-curses-6.2.0-150400.37.26.1.x86_64.rpm
qemu-ui-gtk-6.2.0-150400.37.26.1.x86_64.rpm
qemu-ui-opengl-6.2.0-150400.37.26.1.x86_64.rpm
qemu-ui-spice-app-6.2.0-150400.37.26.1.x86_64.rpm
qemu-ui-spice-core-6.2.0-150400.37.26.1.x86_64.rpm
qemu-x86-6.2.0-150400.37.26.1.x86_64.rpm
qemu-seabios-1.15.0_0_g2dd4b9b-150400.37.26.1.noarch.rpm
qemu-sgabios-8-150400.37.26.1.noarch.rpm
qemu-vgabios-1.15.0_0_g2dd4b9b-150400.37.26.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4989
Recommended update for 389-ds
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for 389-ds fixes the following issues:
- Fix 'Replica ID cannot be specified for consumer and hub roles' error when enabling replication (bsc#1217581)
- Update to version 2.0.17~git91.37da5ec
* Issue 5984 - Crash when paged result search are abandoned - fix2 (#5987)
* Issue 5984 - Crash when paged result search are abandoned (#5985)
* Issue 5971 - CLI - Fix password prompt for repl status (#5972)
* Issue 3555 - UI - Fix audit issue with npm - babel/traverse (#5959)
* Issue 5966 - CLI - Custom schema object is removed on a failed edit (#5967)
* Issue 5956 - After an upgrade the server won't start - nsslapd-conntablesize (#5963)
* Issue 5956 - After an upgrade the server won't start - nsslapd-conntablesize (#5957)
* Issue 5848 - Fix condition and add a CI test (#5916)
* Issue 5853 - Revert MSRV check (#5908)
* Issue 5722 - improve testcase (#5904)
389-ds-2.0.17~git91.37da5ec-150400.3.34.1.src.rpm
389-ds-2.0.17~git91.37da5ec-150400.3.34.1.x86_64.rpm
389-ds-devel-2.0.17~git91.37da5ec-150400.3.34.1.x86_64.rpm
lib389-2.0.17~git91.37da5ec-150400.3.34.1.x86_64.rpm
libsvrcore0-2.0.17~git91.37da5ec-150400.3.34.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4698
Security update for squid
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for squid fixes the following issues:
- CVE-2023-49285: Fixed buffer over read bug on HTTP Message processing flow (bsc#1217813)
- CVE-2023-49286: Fixed Denial of Service vulnerability in helper process management (bsc#1217815)
- Fix X-Forwarded-For Stack Overflow (bsc#1217654)
squid-5.7-150400.3.20.1.src.rpm
squid-5.7-150400.3.20.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4661
Security update for openvswitch
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for openvswitch fixes the following issues:
- CVE-2023-5366: Fixed missing masks on a final stage with ports trie (bsc#1216002).
libopenvswitch-2_14-0-2.14.2-150400.24.17.1.x86_64.rpm
libovn-20_06-0-20.06.2-150400.24.17.1.x86_64.rpm
openvswitch-2.14.2-150400.24.17.1.src.rpm
openvswitch-2.14.2-150400.24.17.1.x86_64.rpm
openvswitch-devel-2.14.2-150400.24.17.1.x86_64.rpm
openvswitch-ipsec-2.14.2-150400.24.17.1.x86_64.rpm
openvswitch-pki-2.14.2-150400.24.17.1.x86_64.rpm
openvswitch-test-2.14.2-150400.24.17.1.x86_64.rpm
openvswitch-vtep-2.14.2-150400.24.17.1.x86_64.rpm
ovn-20.06.2-150400.24.17.1.x86_64.rpm
ovn-central-20.06.2-150400.24.17.1.x86_64.rpm
ovn-devel-20.06.2-150400.24.17.1.x86_64.rpm
ovn-docker-20.06.2-150400.24.17.1.x86_64.rpm
ovn-host-20.06.2-150400.24.17.1.x86_64.rpm
ovn-vtep-20.06.2-150400.24.17.1.x86_64.rpm
python3-ovs-2.14.2-150400.24.17.1.x86_64.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4671
Recommended update for man
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update of man fixes the following problem:
- The "man" command is delivered to SUSE Linux Enterprise Micro
to allow browsing man pages.
system-group-libvirt-20170617-150400.24.2.1.noarch.rpm
system-user-ftp-20170617-150400.24.2.1.noarch.rpm
system-user-qemu-20170617-150400.24.2.1.noarch.rpm
system-user-upsd-20170617-150400.24.2.1.noarch.rpm
system-user-uuidd-20170617-150400.24.2.1.noarch.rpm
system-users-20170617-150400.24.2.1.src.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2023-4880
Recommended update for xen
moderate
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for xen fixes the following issues:
- Upstream bug fixes (bsc#1027519)
xen-4.16.5_10-150400.4.43.1.src.rpm
xen-4.16.5_10-150400.4.43.1.x86_64.rpm
xen-devel-4.16.5_10-150400.4.43.1.x86_64.rpm
xen-tools-4.16.5_10-150400.4.43.1.x86_64.rpm
xen-tools-xendomains-wait-disk-4.16.5_10-150400.4.43.1.noarch.rpm
SUSE-SLE-Module-Server-Applications-15-SP4-2024-12
Security update for postfix
important
SUSE Updates SLE-Module-Server-Applications 15-SP4 x86 64
This update for postfix fixes the following issues:
- CVE-2023-51764: Fixed SMTP smuggling attack (bsc#1218304).
postfix-3.5.9-150300.5.15.1.src.rpm
postfix-mysql-3.5.9-150300.5.15.1.x86_64.rpm