SUSE-IU-2022:158-1 SUSE Image security@suse.de SUSE Security Team SUSE Image SUSE-IU-2022:158-1 Interim 1 1 2022-09-11T06:58:52Z current 2022-01-26T01:00:00Z 2022-01-26T01:00:00Z cve-database/bin/generate-cvrf-publiccloud.pl 2021-02-18T01:00:00Z Image update for SUSE-IU-2022:158-1 / google/sles-12-sp3-byos-v20220126 This image update for google/sles-12-sp3-byos-v20220126 contains the following changes: Package SUSEConnect was updated: - Update to 0.3.32- Allow --regcode and --instance-data attributes at the same time (jsc#PCT-164) - Document that 'debug' can also get set in the config file - --status will also print the subscription name - Update to 0.3.31 - Disallow registering via SUSEConnect if the system is managed by SUSE Manager. - Add subscription name to output of 'SUSEConnect --status' - Update to 0.3.30 - send payload of GET requests as part of the url, not in the body (see bsc#1185611) Package apparmor was updated: - apparmor-profiles-add-sssd-to-nameservice.patch: Enable access to sssd fast cache for nameservice users (bsc#1183599) - add-ld.so.preload-to-abstraction_base.patch: Add ld.so.preload to abstraction/base (bsc#1181728) Package at was updated: - Increase TasksMax limit from 512 (systemd default) to 4915, fix bsc#1058557 Package avahi was updated: - Add avahi-CVE-2021-3468.patch: avoid infinite loop by handling HUP event in client_work (boo#1184521 CVE-2021-3468). https://github.com/lathiat/avahi/pull/330 - Update avahi-daemon-check-dns-suse.patch: needed rebase against the updated avahi-daemon-check-dns.sh. Package bash was updated: - Add patch bash-4.3-boo1192785.patch * setuid causing permission denied on popen (bsc#1192785) - Add patch bsc1177369.patch to fix bsc#1177369 * tailf command does destroy terminal/console settings Package bind was updated: - Fixed CVE-2021-25219: The lame-ttl option controls how long named caches certain types of broken responses from authoritative servers (see the security advisory for details). This caching mechanism could be abused by an attacker to significantly degrade resolver performance. The vulnerability has been mitigated by changing the default value of lame-ttl to 0 and overriding any explicitly set value with 0, effectively disabling this mechanism altogether. ISC's testing has determined that doing that has a negligible impact on resolver performance while also preventing abuse. Administrators may observe more traffic towards servers issuing certain types of broken responses than in previous BIND 9 releases. [bsc#1192146, CVE-2021-25219, bind-CVE-2021-25219.patch] - In BIND 9.0.0 -&gt; 9.11.21, 9.12.0 -&gt; 9.16.5, 9.17.0 -&gt; 9.17.3, also affects 9.9.3-S1 -&gt; 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit. [bsc#1188888, bind-CVE-2020-8622.patch, CVE-2020-8622] - When FIPS mode is enabled, the named tools will complain that MD5 is enabled. This is now checked, MD5 is ignored and a warning is shown. [bsc#1181495, bind-bsc1181495-disable-md5-when-in-fips-mode.patch] - * A broken inbound incremental zone update (IXFR) can cause named to terminate unexpectedly [CVE-2021-25214, bind-CVE-2021-25214.patch] * An assertion check can fail while answering queries for DNAME records that require the DNAME to be processed to resolve itself [CVE-2021-25215, bind-CVE-2021-25215.patch] * A second vulnerability in BIND's GSSAPI security policy negotiation can be targeted by a buffer overflow attack This is fixed by switching from ISC's implementation to the use of gssapi. [CVE-2021-25216, bind.spec] [bsc#1185345] Package binutils was updated: - Add binutils-revert-hlasm-insns.diff for compatibility on old code stream that expect 'brcl 0,label' to not be disassembled as 'jgnop label' on s390x. [bsc#1192267] - Rebase binutils-2.37-branch.diff: fixes PR28523 aka boo#1188941. - Fix empty man-pages from broken release tarball [PR28144]. - Update binutils-skip-rpaths.patch with contained a memory corruption (boo#1191473). - Configure with --disable-x86-used-note on old code streams. - Disable libalternatives temporarily for build cycle reasons. - make TARGET-bfd=headers again, we patch bfd-in.h - This state submitted to SLE12 and SLE15 code streams for annual toolchain update. [jsc#PM-2767, jsc#SLE-21561, jsc#SLE-19618] - Bump binutils-2.37-branch.diff to 66d5c7003, to include fixes for PR28422, PR28192, PR28391. Also adds some s390x arch14 instructions [jsc#SLE-18637]. - Using libalternatives instead of update-alternatives. - Adjust for testsuite fails on older products that configure binutils in different ways, adds binutils-compat-old-behaviour.diff and adjusts binutils-revert-nm-symversion.diff and binutils-revert-plt32-in-branches.diff. - Bump binutils-2.37-branch.diff: fixes PR28138. - Use LTO &amp; PGO build. - Update to binutils 2.37: * The GNU Binutils sources now requires a C99 compiler and library to build. * Support for the arm-symbianelf format has been removed. * Support for Realm Management Extension (RME) for AArch64 has been added. * A new linker option '-z report-relative-reloc' for x86 ELF targets has been added to report dynamic relative relocations. * A new linker option '-z start-stop-gc' has been added to disable special treatment of __start_*/__stop_* references when - -gc-sections. * A new linker options '-Bno-symbolic' has been added which will cancel the '-Bsymbolic' and '-Bsymbolic-functions' options. * The readelf tool has a new command line option which can be used to specify how the numeric values of symbols are reported. - -sym-base=0|8|10|16 tells readelf to display the values in base 8, base 10 or base 16. A sym base of 0 represents the default action of displaying values under 10000 in base 10 and values above that in base 16. * A new format has been added to the nm program. Specifying '--format=just-symbols' (or just using -j) will tell the program to only display symbol names and nothing else. * A new command line option '--keep-section-symbols' has been added to objcopy and strip. This stops the removal of unused section symbols when the file is copied. Removing these symbols saves space, but sometimes they are needed by other tools. * The '--weaken', '--weaken-symbol' and '--weaken-symbols' options supported by objcopy now make undefined symbols weak on targets that support weak symbols. * Readelf and objdump can now display and use the contents of .debug_sup sections. * Readelf and objdump will now follow links to separate debug info files by default. This behaviour can be stopped via the use of the new '-wN' or '--debug-dump=no-follow-links' options for readelf and the '-WN' or '--dwarf=no-follow-links' options for objdump. Also the old behaviour can be restored by the use of the '--enable-follow-debug-links=no' configure time option. The semantics of the =follow-links option have also been slightly changed. When enabled, the option allows for the loading of symbol tables and string tables from the separate files which can be used to enhance the information displayed when dumping other sections, but it does not automatically imply that information from the separate files should be displayed. If other debug section display options are also enabled (eg '--debug-dump=info') then the contents of matching sections in both the main file and the separate debuginfo file *will* be displayed. This is because in most cases the debug section will only be present in one of the files. If however non-debug section display options are enabled (eg '--sections') then the contents of matching parts of the separate debuginfo file will *not* be displayed. This is because in most cases the user probably only wanted to load the symbol information from the separate debuginfo file. In order to change this behaviour a new command line option --process-links can be used. This will allow di0pslay options to applied to both the main file and any separate debuginfo files. * Nm has a new command line option: '--quiet'. This suppresses &quot;/no symbols&quot;/ diagnostic. - Includes fixes for these CVEs: bnc#1181452 aka CVE-2021-20197 aka PR26945 bnc#1183511 aka CVE-2021-20284 aka PR26931 bnc#1184519 aka CVE-2021-20294 aka PR26929 bnc#1184620 aka CVE-2021-3487 aka PR26946 bnc#1184794 aka CVE-2020-35448 aka PR26574 - Also fixes: bsc#1183909 - slow performance of stripping some binaries - Rebased patches: binutils-build-as-needed.diff, binutils-fix-abierrormsg.diff, binutils-fix-invalid-op-errata.diff, binutils-fix-relax.diff, binutils-revert-nm-symversion.diff, binutils-revert-plt32-in-branches.diff - Removed patches (are in upstream): ppc-ensure-undef-dynamic-weak-undefined.patch and ppc-use-local-plt.patch. - Add binutils-2.37-branch.diff.gz. - ppc-ensure-undef-dynamic-weak-undefined.patch: PPC: ensure_undef_dynamic on weak undef only in plt - ppc-use-local-plt.patch: PowerPC use_local_plt (prerequisite for above patch) - Update 2.36 branch diff which fixes PR27587. - Do not run make TARGET-bfd=headers separately. - Bump 2.36 branch diff (includes fix for PR27441 aka bsc#1182252). - Bump 2.36 branch diff. - Update 2.36 branch diff which should fix PR27311 completely. It fixes also PR27284. - Remove temporary fix 0001-PR27311-ld.bfd-symbol-from-plugin-undefined-referenc.patch. - Add temporary upstream fix for PR27311 0001-PR27311-ld.bfd-symbol-from-plugin-undefined-referenc.patch. - Update to binutils 2.36: New features in the Assembler: General: * When setting the link order attribute of ELF sections, it is now possible to use a numeric section index instead of symbol name. * Added a .nop directive to generate a single no-op instruction in a target neutral manner. This instruction does have an effect on DWARF line number generation, if that is active. * Removed --reduce-memory-overheads and --hash-size as gas now uses hash tables that can be expand and shrink automatically. X86/x86_64: * Add support for AVX VNNI, HRESET, UINTR, TDX, AMX and Key Locker instructions. * Support non-absolute segment values for lcall and ljmp. * Add {disp16} pseudo prefix to x86 assembler. * Configure with --enable-x86-used-note by default for Linux/x86. ARM/AArch64: * Add support for Cortex-A78, Cortex-A78AE and Cortex-X1, Cortex-R82, Neoverse V1, and Neoverse N2 cores. * Add support for ETMv4 (Embedded Trace Macrocell), ETE (Embedded Trace Extension), TRBE (Trace Buffer Extension), CSRE (Call Stack Recorder Extension) and BRBE (Branch Record Buffer Extension) system registers. * Add support for Armv8-R and Armv8.7-A ISA extensions. * Add support for DSB memory nXS barrier, WFET and WFIT instruction for Armv8.7. * Add support for +csre feature for -march. Add CSR PDEC instruction for CSRE feature in AArch64. * Add support for +flagm feature for -march in Armv8.4 AArch64. * Add support for +ls64 feature for -march in Armv8.7 AArch64. Add atomic 64-byte load/store instructions for this feature. * Add support for +pauth (Pointer Authentication) feature for - march in AArch64. New features in the Linker: * Add --error-handling-script=&lt;NAME&gt; command line option to allow a helper script to be invoked when an undefined symbol or a missing library is encountered. This option can be suppressed via the configure time switch: --enable-error-handling-script=no. * Add -z x86-64-{baseline|v[234]} to the x86 ELF linker to mark x86-64-{baseline|v[234]} ISA level as needed. * Add -z unique-symbol to avoid duplicated local symbol names. * The creation of PE format DLLs now defaults to using a more secure set of DLL characteristics. * The linker now deduplicates the types in .ctf sections. The new command-line option --ctf-share-types describes how to do this: its default value, share-unconflicted, produces the most compact output. * The linker now omits the &quot;/variable section&quot;/ from .ctf sections by default, saving space. This is almost certainly what you want unless you are working on a project that has its own analogue of symbol tables that are not reflected in the ELF symtabs. New features in other binary tools: * The ar tool's previously unused l modifier is now used for specifying dependencies of a static library. The arguments of this option (or --record-libdeps long form option) will be stored verbatim in the __.LIBDEP member of the archive, which the linker may read at link time. * Readelf can now display the contents of LTO symbol table sections when asked to do so via the --lto-syms command line option. * Readelf now accepts the -C command line option to enable the demangling of symbol names. In addition the --demangle=&lt;style&gt;, - -no-demangle, --recurse-limit and --no-recurse-limit options are also now availale. - Includes fixes for these CVEs: bnc#1179898 aka CVE-2020-16590 aka PR25821 bnc#1179899 aka CVE-2020-16591 aka PR25822 bnc#1179900 aka CVE-2020-16592 aka PR25823 bnc#1179901 aka CVE-2020-16593 aka PR25827 bnc#1179902 aka CVE-2020-16598 aka PR25840 bnc#1179903 aka CVE-2020-16599 aka PR25842 bnc#1180451 aka CVE-2020-35493 aka PR25307 bnc#1180454 aka CVE-2020-35496 aka PR25308 bnc#1180461 aka CVE-2020-35507 aka PR25308 - Rebase the following patches: * binutils-fix-relax.diff * binutils-revert-nm-symversion.diff * binutils-revert-plt32-in-branches.diff - Add missing dependency on bc (ld.gold testsuite uses it). - Use --enable-obsolete for cross builds as ia64 is deprecated now. - Add binutils-2.36-branch.diff.gz. - Add binutils-fix-relax.diff to fix linking relaxation problems with old object files hitting some enterprise software. [bsc#1179341] - Update binutils-2.35-branch.diff.gz to commit 1c5243df: * Fixes PR26520, aka [bsc#1179036], a problem in addr2line with certain DWARF variable descriptions. * Also fixes PR26711, PR26656, PR26655, PR26929, PR26808, PR25878, PR26740, PR26778, PR26763, PR26685, PR26699, PR26902, PR26869, PR26711 * The above includes fixes for dwo files produced by modern dwp, fixing several problems in the DWARF reader. - Reapply spec file cleanup from format_spec_file - Remove a SLE10 version check - Update to 2.35.1 and rebased branch diff: * This is a point release over the previous 2.35 version, containing bug fixes, and as an exception to the usual rule, one new feature. The new feature is the support for a new directive in the assembler: &quot;/.nop&quot;/. This directive creates a single no-op instruction in whatever encoding is correct for the target architecture. Unlike the .space or .fill this is a real instruction, and it does affect the generation of DWARF line number tables, should they be enabled. - Update binutils-2.35-branch.diff.gz to commit 23f268a0: * Add xBPF target * Fix various problems with DWARF 5 support in gas - Toolchain module update for SLE15 [jsc#ECO-2373] - Includes changes that were SLE-only in binutils-add-z15-name.diff for [bsc#1160590, jsc#SLE-7903 aka jsc#SLE-7464] - Amend binutils-revert-plt32-in-branches.diff to adjust also new testcases. - Add binutils-2.35-branch.diff.gz: it includes fix for nm -B for objects compiled with -flto and -fcommon. - Add binutils-revert-nm-symversion.diff to be compatible with old output of nm relied on in scripts. - Add binutils-fix-abierrormsg.diff to work around an eager (new) error message occuring without inputs and as-needed (affects nvme-cli build). - Update to binutils 2.35: * The asseembler can now produce DWARF-5 format line number tables. * Readelf now has a &quot;/lint&quot;/ mode to enable extra checks of the files it is processing. * Readelf will now display &quot;/[...]&quot;/ when it has to truncate a symbol name. The old behaviour - of displaying as many characters as possible, up to the 80 column limit - can be restored by the use of the --silent-truncation option. * The linker can now produce a dependency file listing the inputs that it has processed, much like the -M -MP option supported by the compiler. - Regenerate add-ulp-section.diff with -p1 due to a fuzzing issue. - Remove binutils-2.34-branch.diff.gz. - Regenerate binutils-build-as-needed.diff due to a fuzzing issue. - Regenerate binutils-fix-invalid-op-errata.diff as one hunk was upstreamed. - Remove upstreamed patch binutils-pr25593.diff. - Regenerate unit-at-a-time.patch due to a fuzzing issue. - Regenerate binutils-revert-plt32-in-branches.diff. - Update binutils-2.34-branch.diff.gz. - Remove fix-try_load_plugin.patch as it is part of the updated binutils-2.34-branch.diff.gz patch. - Add binutils-pr25593.diff to fix DT_NEEDED order with -flto [bsc#1163744] - Update fix-try_load_plugin.patch to latest version. - Add fix-try_load_plugin.patch in order to fix fallback caused by backport for PR25355. - Update to binutils 2.34: * The disassembler (objdump --disassemble) now has an option to generate ascii art thats show the arcs between that start and end points of control flow instructions. * The binutils tools now have support for debuginfod. Debuginfod is a HTTP service for distributing ELF/DWARF debugging information as well as source code. The tools can now connect to debuginfod servers in order to download debug information about the files that they are processing. * The assembler and linker now support the generation of ELF format files for the Z80 architecture. - Rename and get binutils-2.34-branch.diff.gz (boo#1160254). - Rebase add-ulp-section.diff, binutils-revert-plt32-in-branches.diff, cross-avr-size.patch and binutils-skip-rpaths.patch. - Add new subpackages for libctf and libctf-nobfd. - Disable LTO due to boo#1163333. - Includes fixes for these CVEs: bnc#1153768 aka CVE-2019-17451 aka PR25070 bnc#1153770 aka CVE-2019-17450 aka PR25078 - Disable LTO during testsuite run - Add binutils-fix-invalid-op-errata.diff to fix various build fails on aarch64 (PR25210, bsc#1157755). - Add add-ulp-section.diff for user space live patching. - Update to binutils 2.33.1: * Adds support for the Arm Scalable Vector Extension version 2 (SVE2) instructions, the Arm Transactional Memory Extension (TME) instructions and the Armv8.1-M Mainline and M-profile Vector Extension (MVE) instructions. * Adds support for the Arm Cortex-A76AE, Cortex-A77 and Cortex-M35P processors and the AArch64 Cortex-A34, Cortex-A65, Cortex-A65AE, Cortex-A76AE, and Cortex-A77 processors. * Adds a .float16 directive for both Arm and AArch64 to allow encoding of 16-bit floating point literals. * For MIPS, Add -m[no-]fix-loongson3-llsc option to fix (or not) Loongson3 LLSC Errata. Add a --enable-mips-fix-loongson3-llsc=[yes|no] configure time option to set the default behavior. Set the default if the configure option is not used to &quot;/no&quot;/. * The Cortex-A53 Erratum 843419 workaround now supports a choice of which workaround to use. The option --fix-cortex-a53-843419 now takes an optional argument --fix-cortex-a53-843419[=full|adr|adrp] which can be used to force a particular workaround to be used. See --help for AArch64 for more details. * Add support for GNU_PROPERTY_AARCH64_FEATURE_1_BTI and GNU_PROPERTY_AARCH64_FEATURE_1_PAC in ELF GNU program properties in the AArch64 ELF linker. * Add -z force-bti for AArch64 to enable GNU_PROPERTY_AARCH64_FEATURE_1_BTI on output while warning about missing GNU_PROPERTY_AARCH64_FEATURE_1_BTI on inputs and use PLTs protected with BTI. * Add -z pac-plt for AArch64 to pick PAC enabled PLTs. * Add --source-comment[=&lt;txt&gt;] option to objdump which if present, provides a prefix to source code lines displayed in a disassembly. * Add --set-section-alignment &lt;section-name&gt;=&lt;power-of-2-align&gt; option to objcopy to allow the changing of section alignments. * Add --verilog-data-width option to objcopy for verilog targets to control width of data elements in verilog hex format. * The separate debug info file options of readelf (--debug-dump=links and --debug-dump=follow) and objdump (--dwarf=links and - -dwarf=follow-links) will now display and/or follow multiple links if more than one are present in a file. (This usually happens when gcc's -gsplit-dwarf option is used). In addition objdump's --dwarf=follow-links now also affects its other display options, so that for example, when combined with - -syms it will cause the symbol tables in any linked debug info files to also be displayed. In addition when combined with - -disassemble the --dwarf= follow-links option will ensure that any symbol tables in the linked files are read and used when disassembling code in the main file. * Add support for dumping types encoded in the Compact Type Format to objdump and readelf. - Includes fixes for these CVEs: bnc#1126826 aka CVE-2019-9077 aka PR1126826 bnc#1126829 aka CVE-2019-9075 aka PR1126829 bnc#1126831 aka CVE-2019-9074 aka PR24235 bnc#1140126 aka CVE-2019-12972 aka PR23405 bnc#1143609 aka CVE-2019-14444 aka PR24829 bnc#1142649 aka CVE-2019-14250 aka PR90924 - Remove patches that are now included in the release: binutils-2.32-branch.diff.gz, binutils-fix-ld-segv.diff, binutils-pr24486.patch, riscv-abi-check.patch, rx-gas-padding-pr24464.patch. - Add binutils-2.33-branch.diff.gz patch. - Rebase binutils-revert-plt32-in-branches.diff and cross-avr-size.patch patch. Package bzip2 was updated: - Implement %check, bsc#1191648- Remove bzip2-faster.patch, it causes a crash with libarchive and valgrind points out uninitialized memory. See https://github.com/libarchive/libarchive/issues/637#issuecomment-170612576 Required for bsc#1188891 - Fix basisms in bzgrep and bznew * bzip2-1.0.6-fix-bashisms.patch Package ca-certificates-mozilla was updated: - remove the DST_Root_CA_X3.pem trust, as it expires september 30th 2021. (bsc#1190858) Package cifs-utils was updated: - cifs.upcall: fix regression in kerberos mount; (bsc#1184815). * add 0015-cifs.upcall-fix-regression-in-kerberos-mount.patch - CVE-2021-20208: cifs-utils: cifs.upcall kerberos auth leak in container; (bsc#1183239); CVE-2021-20208. Package cloud-netconfig was updated: - Update to version 1.6: + Ignore proxy when accessing metadata (bsc#1187939) + Print warning in case metadata is not accessible + Documentation update Package cpio was updated: - Fix segmentation fault caused by a regression (bsc#1189465) * fix-CVE-2021-38185_4.patch - Add another patch to fix regression (bsc#1189465) * fix-CVE-2021-38185_3.patch - Fix regression in last update (bsc#1189465) * fix-CVE-2021-38185_2.patch - Fix CVE-2021-38185 Remote code execution caused by an integer overflow in ds_fgetstr (CVE-2021-38185, bsc#1189206) * fix-CVE-2021-38185.patch Package cracklib was updated: Package cronie was updated: - Increase limit of allowed entries in crontab files to fix bsc#1187508 * cronie-1.4.11-increase_crontab_limit.patch Package cups was updated: - When cupsd creates directories with specific owner group and permissions (usually owner is 'root' and group matches &quot;/configure --with-cups-group=lp&quot;/) specify same owner group and permissions in the RPM spec file to ensure those directories are installed by RPM with the right settings because if those directories were installed by RPM with different settings then cupsd would use them as is and not adjust its specific owner group and permissions which could lead to privilege escalation from 'lp' user to 'root' via symlink attacks e.g. if owner is falsely 'lp' instead of 'root' CVE-2021-25317 (bsc#1184161) Package curl was updated: - Security fix: [bsc#1190374, CVE-2021-22947] * STARTTLS protocol injection via MITM * Add curl-CVE-2021-22947.patch - Security fix: [bsc#1190373, CVE-2021-22946] * Protocol downgrade required TLS bypassed * Add curl-CVE-2021-22946.patch - Security fix: [bsc#1188220, CVE-2021-22925] * TELNET stack contents disclosure again * Add curl-CVE-2021-22925.patch - Security fix: [bsc#1188219, CVE-2021-22924] * Bad connection reuse due to flawed path name checks * Add curl-CVE-2021-22924.patch - Security fix: Disable the metalink feature: * Insufficiently Protected Credentials [bsc#1188218, CVE-2021-22923] * Wrong content via metalink not discarded [bsc#1188217, CVE-2021-22922] - Security fix: [bsc#1186114, CVE-2021-22898] * TELNET stack contents disclosure - Add curl-CVE-2021-22898.patch - Security fix: [bsc#1183933, CVE-2021-22876] * The automatic referer leaks credentials - Add curl-CVE-2021-22876-URL-API.patch curl-CVE-2021-22876.patch Package dbus-1 was updated: - Fix CVE-2020-35512 - shared UID's caused issues (CVE-2020-35512 bsc#1187105) * fix-upstream-userdb-constpointer.patch * fix-upstream-CVE-2020-35512.patch - Fix CVE-2020-12049 truncated messages lead to resource exhaustion (CVE-2020-12049, bsc#1172505) * fix-upstream-CVE-2020-12049_2.patch Package dbus-1-x11 was updated: - Fix CVE-2020-35512 - shared UID's caused issues (CVE-2020-35512 bsc#1187105) * fix-upstream-userdb-constpointer.patch * fix-upstream-CVE-2020-35512.patch - Fix CVE-2020-12049 truncated messages lead to resource exhaustion (CVE-2020-12049, bsc#1172505) * fix-upstream-CVE-2020-12049_2.patch Package dhcp was updated: - CVE-2021-25217, bsc#1186382, dhcp-CVE-2021-25217.patch: A buffer overrun in lease file parsing code can be used to exploit a common vulnerability shared by dhcpd and dhclient. Package expat was updated: - Security fix (CVE-2021-45960, bsc#1194251) * A left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior. * Added expat-CVE-2021-45960.patch - Security fix (CVE-2021-46143, bsc#1194362) * Integer overflow exists for m_groupSize in doProlog * Added expat-CVE-2021-46143.patch - Security fix (CVE-2022-22822, bsc#1194474) * Integer overflow in addBinding in xmlparse.c * Added expat-CVE-2022-22822.patch - Security fix (CVE-2022-22823, bsc#1194476) * Integer overflow in build_model in xmlparse.c * Added expat-CVE-2022-22823.patch - Security fix (CVE-2022-22824, bsc#1194477) * Integer overflow in defineAttribute in xmlparse.c * Added expat-CVE-2022-22824.patch - Security fix (CVE-2022-22825, bsc#1194478) * Integer overflow in lookup in xmlparse.c * Added expat-CVE-2022-22825.patch - Security fix (CVE-2022-22826, bsc#1194479) * Integer overflow in nextScaffoldPart in xmlparse.c * Added expat-CVE-2022-22826.patch - Security fix (CVE-2022-22827, bsc#1194480) * Integer overflow in storeAtts in xmlparse.c * Added expat-CVE-2022-22826.patch Package file was updated: - Add temporary patch CVE-2019-18218-46a8443f.patch from upstream to fix bsc#1154661 -- heap-based buffer overflow in cdf_read_property_info in cdf.c as well as bsc#1189093 Package gettext-runtime was updated: - Added msgfmt-double-free.patch to fix a double free error (CVE-2018-18751 bsc#1113719) Package glib2 was updated: - Add glib2-CVE-2021-27218.patch: g_byte_array_new_take takes a gsize as length but stores in a guint, this patch will refuse if the length is larger than guint. (bsc#1182328, glgo#GNOME/glib!1944) - Add glib2-CVE-2021-27219-add-g_memdup2.patch: g_memdup takes a guint as parameter and sometimes leads into an integer overflow, so add a g_memdup2 function which uses gsize to replace it. (bsc#1182362, glgo#GNOME/glib!1927, glgo#GNOME/glib!1933, glgo#GNOME/glib!1943) Package glibc was updated: - wordexp-param-overflow.patch: wordexp: handle overflow in positional parameter number (CVE-2021-35942, bsc#1187911, BZ #28011) - mq-notify-use-after-free.patch: Use __pthread_attr_copy in mq_notify (CVE-2021-33574, bsc#1186489, BZ #27896) - ldconfig-concurrency.patch: Avoid concurrency problem in ldconfig (bsc#1117993, BZ #23973) Package gmp was updated: - Add gmp-6.2.1-CVE-2021-43618.patch to fix buffer overflow on malformed input to mpz_inp_raw. [bsc#1192717, CVE-2021-43618] Package google-guest-agent was updated: - Update to version 20210414.00 (bsc#1185848, bsc#1185849) * start sshd (#106) * Add systemd-networkd.service restart dependency. (#104) * Update error message for handleHealthCheckRequest. (#105) - Update to version 20210223.01 (bsc#1183414, bsc#1183415) * add a match block to sshd_config for SAs (#99) * add ipv6 forwarded ip support (#101) * call restorecon on ssh host keys (#98) * Include startup and shutdown in preset (#96) * set metadata URL earlier (#94) - Fix activation logic of systemd services (bsc#1182793) - Update to version 20201211.00 * Require snapshot scripts to live under /etc/google/snapshots (#90) * Adding support for Windows user account password lengths between 15 and 255 characters. (#91) * Adding bkatyl to OWNERS (#92) Package google-guest-configs was updated: - Update to version 20210317.00 (bsc#1183414, bsc#1183415) * dracut.conf wants spaces around values (#19) * make the same change for debian (#18) * change path back for google_nvme_id (#17) * move google_nvme_id to /usr/bin (#16) * correct udev rule syntax (#15) * prune el6 spec (#13) * Updated udev rules (#11) - Remove empty %{_sbindir} from %install and %files section - Remove service files (bsc#1180304) + google-optimize-local-ssd.service, google-set-multiqueue.service scripts are called from within the guest agent Package google-guest-oslogin was updated: - Update to version 20210728.00 (bsc#1188992, bsc#1189041) * JSON object cleanup (#65) - Update to version 20210707.00 * throw exceptions in cache_refresh (#64) - from version 20210702.00 * Use IP address for calling the metadata server. (#63) - Update to version 20210618.00 * flush each group member write (#62) - Update to version 20210429.00 (bsc#1185848, bsc#1185849) * correct pagetoken in groupsforuser (#59) * resolve self groups last (#58) * support empty groups (#57) * no paginating to find groups (#56) * clear users vector (#55) * correct usage of pagetoken (#54) - Update to version 20210316.00 (bsc#1183414, bsc#1183415) * call correct function in pwenthelper (#53) - Update to version 20210108.00 * Update logic in the cache_refresh binary (#52) * remove old unused workflow files (#49) Package google-osconfig-agent was updated: - Update to version 20210506.00 (bsc#1185848, bsc#1185849) * Add more os policy assignment examples (#348) * e2e_tests: enable stable tests for OSPolicies (#347) * Align start and end task logs (#346) * ConfigTask: add additional info logs (#345) * e2e_tests: add validation tests (#344) * Config Task: make sure agent respects policy mode (#343) * update * e2e_tests: readd retries to OSPolicies * Set minWaitDuration as a string instead of object (#341) * e2e_tests: Fix a few SUSE tests (#339) * Remove pre-release flag from config (#340) * e2e_tests: fixup OSPolicy tests (#338) * e2e_tests: unlock mutex for CreatePolicies as soon as create finishes (#337) * e2e_tests: Don't retry failed OSPolicy tests, fix msi test (#336) * Examples for os policy assignments (#334) * e2e_tests: increase the deadline for OSPolicy tests and only start after a zone has been secured (#335) * Fix panic when installing MSI (#332) * e2e_tests: Add test cases of installing dbe, rpm and msi packages (#333) * e2e_tests: add more logging * e2e_tests: (#330) * e2e_test: Add timouts to OSPolicy tests so we don't wait forever (#329) * Create top level directories for gcloud and console for os policy assignment examples (#328) * e2e_tests: Move api from an internal directory (#327) * Make sure we use the same test name for reruns (#326) * Add CONFIG_V1 capability (#325) * e2e_tests: reduce size of instances, use pd-balanced, rerun failed tests once (#324) * Only report installed packages for dpkg (#322) * e2e_tests: fix windows package and repository tests (#323) * Add top level directories for os policy examples (#321) * e2e_tests: move to using inventory api for inventory reporting (#320) * e2e_tests: add ExecResource tests (#319) * ExecResource: make sure we set permissions correctly for downloaded files (#318) * Config task: only run post check on resources that have already been evaluated (#317) * e2e_test: reorganize OSPolicy tests to be per Resource type (#316) * Set custom user agent (#299) * e2e_tests: check InstanceOSPoliciesCompliance for each test case, add LocalPath FileResource test (#314) * PackageResource: make sure to run AptUpdate prior to package install (#315) * Fix bugs/add more logging for OSPolicies (#313) * Change metadata http client to ignore http proxies (#312) * e2e_test: add tests for FileResource (#311) * Add task_type context logging (#310) * Fix e2e_test typo (#309) * Fix e2e_tests (#308) * Disable OSPolicies by default since it is an unreleased feature (#307) * e2e_tests: Add more OSPolicies package and repo tests (#306) * Do not enforce repo_gpgcheck in guestpolicies (#305) * Gather inventory 3-5min after agent start (#303) * e2e_tests: add OSPolicies tests for package install (#302) * Add helpful error log if a service account is missing (#304) * OSPolicies: correct apt repo extension, remove yum/zypper gpgcheck override (#301) * Update cos library to parse new version of packages file (#300) * config_task: Rework config step logic (#296) * e2e_test: enable serial logs in cos to support ReportInventory test (#297) - Update to version 20210316.00 (bsc#1183414, bsc#1183415) * ExecResource: fix bug in return code handling (#295) * Fix ExecResource permissions, add logs to fetcher (#294) * e2e_tests: Fix ubuntu proposed family (#293) * e2e_tests: add proposed debian images to head tests (#292) * Fix exec_resource for config task, add minimal unit test (#291) * Change util.WriteFile to AtomicWriteFileStream (#289) * Merge development branch into master (#288) * Create util.TempFile to work nicely with Windows (#287) * Fix copy step write (#286) * Fix error on linux lock (#285) * Ensure we cleanup on error in AtomicWrite (#284) * Make writes atomic, add unused &quot;/allowDowngrades&quot;/ option to apt, fix a few recipe issues (#283) * update reviewers (#282) * update apt package lists before running installs (#281) * Simplify build tags for COS package (#280) - Update to version 20210112.00 * Fix builds for ppc and s390x (#274) * Minor updates to tests and additional debug logging (#272) * Add Ubuntu 2004 to tests (#271) * Make sure we stop tickers (#270) * Drop Windows 1903 and CentOS 6 from tests (#269) * Pin el6 tests to last published image as it is EOL (#267) * support cos (#266) - Update to version 20201117.00 (bsc#1179031, bsc#1179032) * Ignore Unavailable erros on stream receive (#260) * Update test Windows images (#259) * update ReportInventory e2e test regexes (#255) * Don't return on a windows update error (#254) * use retryutil for ReportInventory calls (#253) * add additional debug logging for ReportInventory request payload for e2e tests (#252) * stop logging instance identity token as part of ReportInventory request and remove feature-flag setting in OSInventoryReporting e2e tests (#251) * complete ExecTask as no-op when the ExecStepConfig doesn't match the OS (#250) * Add software recipe tests for COS (#249) * remove feature flag for inventory reporting (#243) * Force yum to never colorize output (#247) * Add sleep after Unavailable errors for agentendpoint (#241) * Ensure we record epoch for rpm packages (#242) * Make inventory WUAUpdates call spawn a new process, retry on metadata unmarshal error (#239) * add debug logging for report inventory response (#240) * add initial e2e tests for inventory reporting (#237) * Report installed packages on COS (#236) Package grub2 was updated: - Fix disappeared snapshot menu entry (bsc#1078481)- Fix incorrect check preventing the script from running (bsc#1078481) - Fix error not a btrfs filesystem on s390x (bsc#1187645) * 80_suse_btrfs_snapshot - Add support for simplefb (boo#1193532). * grub2-simplefb.patch - Fix powerpc-ieee1275 lpar takes long time to boot with increasing number of nvme namespace (bsc#1177751) * 0001-ieee1275-Avoiding-many-unecessary-open-close.patch - Fix error lvmid disk cannot be found after second disk added to the root volume group (bsc#1189874) (bsc#1071559) * 0001-ieee1275-implement-FCP-methods-for-WWPN-and-LUNs.patch - Fix error /boot/grub2/locale/POSIX.gmo not found (bsc#1189769) * 0001-Filter-out-POSIX-locale-for-translation.patch - Patch added for (jsc#SLE-20909): Fix error grub_file_filters not found in Azure virtual machine (bsc#1182012) * 0001-Workaround-volatile-efi-boot-variable.patch - Patch refreshed * grub-install-force-journal-draining-to-ensure-data-i.patch - Fix error gfxterm isn't found with multiple terminals (bsc#1187565) - Patch refreshed * grub2-fix-error-terminal-gfxterm-isn-t-found.patch - Fix boot failure as journaled data not get drained due to abrupt power off after grub-install (bsc#1167756) - Fix boot failure after kdump due to the content of grub.cfg is not completed with pending modificaton in xfs journal (bsc#1186975) * grub-install-force-journal-draining-to-ensure-data-i.patch - Fix executable stack in grub-emu (bsc#1181696) * 0001-emu-fix-executable-stack-marking.patch Package irqbalance was updated: - Increase size of procinterrupts line readings by factor 32 (bsc#1184592) A procinterrupts_read_buffer_increase.patch - Use _fillupdir in spec file to also build against latest distros which could be useful for comparing versions in case we get yet another bug. - not balancing interrupts in Xen guests (bsc#1178477, bsc#1183405) A procinterrupts-check-xen-dyn-event-more-flexible.patch Package kdump was updated: - kdump-do-not-iterate-past-end-of-string.patch: URLParser::extractAuthority(): Do not iterate past end of string (bsc#1186037). - kdump-fix-incorrect-exit-code-checking.patch: Fix incorrect exit code checking after &quot;/local&quot;/ with assignment (bsc#1184616 LTC#192282). - kdump-Add-bootdev-to-dracut-command-line.patch: Add 'bootdev=' to dracut command line (bsc#1182309). - kdump-avoid-endless-loop-EAI_AGAIN.patch: Avoid an endless loop when resolving a hostname fails with EAI_AGAIN (bsc#1183070). - kdump-install-etc-resolv.conf-using-resolved-path.patch: Install /etc/resolv.conf using its resolved path (bsc#1183070). - kdump-query-systemd-network.service.patch: Query systemd network.service to find out if wicked is used (bsc#1182309). - kdump-check-explicit-ip-options.patch: Do not add network-related dracut options if ip= is set explicitly (bsc#1182309 bsc#1188090 LTC#193461). - kdump-ensure-initrd.target.wants-directory.patch: Make sure that initrd.target.wants directory exists (bsc#1172670). - kdump-activate-udev-rules-late-during-boot.patch: kdump: activate udev rules late during boot (bsc#1154837). - kdump-make-sure-that-the-udev-runtime-directory-exists.patch: Make sure that the udev runtime directory exists (bsc#1164713). Package kernel-default was updated: - bpf: Add kconfig knob for disabling unpriv bpf by default (jsc#SLE-22918) - Update config files: Add CONFIG_BPF_UNPRIV_DEFAULT_OFF is not set - commit 45c8b60 - config: disable unprivileged BPF by default (jsc#SLE-22918) Backport of mainline commit 8a03e56b253e (&quot;/bpf: Disallow unprivileged bpf by default&quot;/) only changes kconfig default, used e.g. for &quot;/make oldconfig&quot;/ when the config option is missing, but does not update our kernel configs used for build. Update also these to make sure unprivileged BPF is really disabled by default. - commit 1289b84 - bpf: Disallow unprivileged bpf by default (jsc#SLE-22918). - commit f60b26f - dm ioctl: fix out of bounds array access when no devices (CVE-2021-31916 bsc#1192781). - commit 918914d - ipv4: make exception cache less predictible (bsc#1191790, CVE-2021-20322). - ipv4: use siphash instead of Jenkins in fnhe_hashfun() (bsc#1191790, CVE-2021-20322). - commit 3410ffc - cpufreq: intel_pstate: Add Icelake servers support in no-HWP mode (bsc#1185758,bsc#1192400). - commit 96d5947 - x86/CPU: Add more Icelake model numbers (bsc#1185758,bsc#1192400). - commit 531b6d4 - Bluetooth: cmtp: fix file refcount when cmtp_attach_device fails (bsc#1191961 CVE-2021-34981). - commit dc6a99a - blacklist.conf: Drop a line that was added by mistake - commit 05edc23 - Refresh patches.suse/bpf-Fix-leakage-due-to-insufficient-speculative-stor.patch. - Refresh patches.suse/bpf-prevent-memory-disambiguation-attack.patch. Previous removal of unused variable caused build failure (mid-series), move variable removal to the correct patch, and ensure all unused variable is removed. - commit 21d40da - ftrace: Fix scripts/recordmcount.pl due to new binutils (bsc#1192267). - commit 1485d76 - xfs: add agf freeblocks verify in xfs_agf_verify (bsc#1192296 CVE-2020-12655). - commit 25b5716 - Update patches.suse/isdn-cpai-check-ctr-cnr-to-avoid-array-index-out-of-bound.patch (bsc#1191958 CVE-2021-43389). - commit 2a5ea35 - Refresh patches.suse/bpf-prevent-memory-disambiguation-attack.patch. Missed the actual dropping of variable in last commit - commit b097abb - usb: hso: fix error handling code of hso_create_net_device (bsc#1188601 CVE-2021-37159). - commit c29a96d - Refresh patches.suse/bpf-prevent-memory-disambiguation-attack.patch. Drop used variable that causes warning - commit 81a205c - blacklist.conf: blacklist pair of obsoleted patches (bsc#1188601 CVE-2021-37159) - commit 74d6ce4 - kABI: protect struct bpf_map (kabi). - commit 6c2222c - bpf: Fix leakage due to insufficient speculative store bypass mitigation (bsc#1188983, bsc#1188985, CVE-2021-34556, CVE-2021-35477). - commit ff6ef1e - bpf: Introduce BPF nospec instruction for mitigating Spectre v4 (bsc#1188983, bsc#1188985, CVE-2021-34556, CVE-2021-35477). - commit dc05895 - x86: Introduce barrier_nospec (CVE-2017-5753 bnc#1012382 bsc#1068032). - commit 347afb0 - bpf: properly enforce index mask to prevent out-of-bounds speculation (bsc#1098425). - commit d97a4cc - bpf: prevent memory disambiguation attack (bsc#1087082 CVE-2018-3639). - commit 67bf14e - bpf: fix branch pruning logic (CVE-2017-17862 CVE-2017-17864 bsc#1073928). - Refresh patches.suse/bpf-prevent-out-of-bounds-speculation.patch - Refresh patches.fixes/bpf-don-t-let-ldimm64-leak-map-addresses-on-unprivil.patch - commit d19a62f - bpf, array: fix overflow in max_entries and undefined behavior in index_mask (bsc#1068032 CVE-2017-5753). - commit 82640b4 - bpf: prevent out-of-bounds speculation (bsc#1068032 CVE-2017-5753). - commit 24aa2da - bpf: adjust insn_aux_data when patching insns (bsc#1068032 CVE-2017-5753). - commit cec855b - bpf: refactor fixup_bpf_calls() (bsc#1068032 CVE-2017-5753). - commit c880a78 - bpf: move fixup_bpf_calls() function (bsc#1068032 CVE-2017-5753). - commit dd9f281 - bpf: don't (ab)use instructions to store state (bsc#1068032 CVE-2017-5753). - commit 77da822 - bpf: add bpf_patch_insn_single helper (bsc#1068032 CVE-2017-5753). - commit b929767 - Update patches.kernel.org/patch-4.4.3-4 references (add CVE-2021-20265 bsc#1183089). - commit bae5769 - sctp: add vtag check in sctp_sf_ootb (CVE-2021-3772 bsc#1190351). - sctp: add vtag check in sctp_sf_do_8_5_1_E_sa (CVE-2021-3772 bsc#1190351). - sctp: add vtag check in sctp_sf_violation (CVE-2021-3772 bsc#1190351). - sctp: fix the processing for COOKIE_ECHO chunk (CVE-2021-3772 bsc#1190351). - sctp: fix the processing for INIT_ACK chunk (CVE-2021-3772 bsc#1190351). - sctp: fix the processing for INIT chunk (CVE-2021-3772 bsc#1190351). - sctp: use init_tag from inithdr for ABORT chunk (CVE-2021-3772 bsc#1190351). - sctp: check asoc peer.asconf_capable before processing asconf (bsc#1190351). - commit b4e86be - sctp: add param size validation for SCTP_PARAM_SET_PRIMARY (CVE-2021-3655 bsc#1188563). - sctp: validate chunk size in __rcv_asconf_lookup (CVE-2021-3655 bsc#1188563). - sctp: add size validation when walking chunks (CVE-2021-3655 bsc#1188563). - commit e541dd9 - xfs: fix up non-directory creation in SGID directories (bsc#1190006 CVE-2018-13405). - commit 755ccf4 - net/mlx4_en: Handle TX error CQE (bsc#1181854 bsc#1181855). - net/mlx4_en: Avoid scheduling restart task if it is already running (bsc#1181854 bsc#1181855). - commit 8b82539 - nfc: nci: fix the UAF of rf_conn_info object (CVE-2021-3760 bsc#1190067). - commit 9627eda - Update patch reference for firewire fix (CVE-2021-42739 CVE-2021-3542 bsc#1184673) - commit 29edae6 - cipso,calipso: resolve a number of problems with the DOI refcounts (CVE-2021-33033 bsc#1186109). - commit 08ec772 - kabi: hide return value type change of sctp_af::from_addr_param (CVE-2021-3655 bsc#1188563). - sctp: fix return value check in __sctp_rcv_asconf_lookup (CVE-2021-3655 bsc#1188563). - sctp: validate from_addr_param return (CVE-2021-3655 bsc#1188563). - sctp: fully initialize v4 addr in some functions (bsc#1188563). - sctp: simplify addr copy (bsc#1188563). - commit 566d229 - netfilter: nf_conntrack_h323: lost .data_len definition for Q.931/ipv6 (CVE-2020-14305 bsc#1173346). - commit 9d07e3d - net_sched: cls_route: remove the right filter from hashtable (CVE-2021-3715 bsc#1190349). - commit 1e212d4 - isdn: cpai: check ctr-&gt;cnr to avoid array index out of bound (bsc#1191958 CVE-2021-3896). - commit ef09121 - net: mana: Fix error handling in mana_create_rxq() (git-fixes, bsc#1191801). - commit 030262b - media: firewire: firedtv-avc: fix a buffer overflow in avc_ca_pmt() (CVE-2021-3542 bsc#1184673). - commit 629d851 - net: 6pack: fix slab-out-of-bounds in decode_data (CVE-2021-42008 bsc#1191315). - commit ede4274 - kABI compatibility for ath_key_delete() changes (CVE-2020-3702 bsc#1191193). - commit 470c448 - ath9k: Postpone key cache entry deletion for TXQ frames reference it (CVE-2020-3702 bsc#1191193). - ath: Modify ath_key_delete() to not need full key entry (CVE-2020-3702 bsc#1191193). - ath: Export ath_hw_keysetmac() (CVE-2020-3702 bsc#1191193). - ath9k: Clear key cache explicitly on disabling hardware (CVE-2020-3702 bsc#1191193). - ath: Use safer key clearing with key cache entries (CVE-2020-3702 bsc#1191193). - commit f4306c2 - kabi/severities: skip kABI check for ath9k-local symbols (CVE-2020-3702 bsc#1191193) ath9k modules have some exported symbols for the common helpers and the recent fixes broke kABI of those. They are specific to ath9k's own usages, so safe to ignore. - commit 67a4ab0 - net: mana: Add WARN_ON_ONCE in case of CQE read overflow (jsc#SLE-18779, bsc#1185727). - net: mana: Add support for EQ sharing (jsc#SLE-18779, bsc#1185727). - net: mana: Move NAPI from EQ to CQ (jsc#SLE-18779, bsc#1185727). - net: mana: Fix a memory leak in an error handling path in (jsc#SLE-18779, bsc#1185727). - net: mana: Use int to check the return value of mana_gd_poll_cq() (jsc#SLE-18779, bsc#1185727). - net: mana: fix PCI_HYPERV dependency (jsc#SLE-18779, bsc#1185727). - net: mana: remove redundant initialization of variable err (jsc#SLE-18779, bsc#1185727). - hv: mana: declare vzalloc (jsc#SLE-18779, bsc#1185726). - hv: mana: remove netdev_lockdep_set_classes usage (jsc#SLE-18779, bsc#1185727). - hv: mana: adjust mana_select_queue to old API (jsc#SLE-18779, bsc#1185727). - hv: mana: fake bitmap API (jsc#SLE-18779, bsc#1185726). - net: mana: Add a driver for Microsoft Azure Network Adapter (MANA) (jsc#SLE-18779, bsc#1185727). - mm: replace open coded page to virt conversion with page_to_virt() (jsc#SLE-18779, bsc#1185727). - commit dcd02a2 - Bluetooth: check for zapped sk before connecting (CVE-2021-3752 bsc#1190023). - commit 1e8e3c3 - net: sched: sch_teql: fix null-pointer dereference (bsc#1190717). - commit 765d2f8 - s390/bpf: Fix optimizing out zero-extensions (bsc#1190601). - s390/bpf: Fix 64-bit subtraction of the -0x80000000 constant (bsc#1190601). - s390/bpf: Fix branch shortening during codegen pass (bsc#1190601). - s390/bpf: Wrap JIT macro parameter usages in parentheses (bsc#1190601). - s390: bpf: implement jitting of BPF_ALU | BPF_ARSH | BPF_* (bsc#1190601). - commit 3d1b37f - ext4: fix race writing to an inline_data file while its xattrs are changing (bsc#1190159 CVE-2021-40490). - commit b86c399 - x86/tlb: Flush global mappings when KAISER is disabled (bsc#1190194). - commit 4f166f1 - SUNRPC: improve error response to over-size gss credential (bsc#1190022). - commit 8a98f3a - scsi: sg: add sg_remove_request in sg_write (bsc#1171420 CVE2020-12770). - commit 1a21af1 - Bluetooth: schedule SCO timeouts with delayed_work (CVE-2021-3640 bsc#1188172). - Refresh patches.suse/Bluetooth-switch-to-lock_sock-in-SCO.patch. - commit 1527ca1 - virtio_console: Assure used length from device is limited (CVE-2021-38160 bsc#1190117). - commit a2f9927 - Bluetooth: sco: Fix lock_sock() blockage by memcpy_from_msg() (CVE-2021-3640 bsc#1188172). - commit 7f7f308 - vt_kdsetmode: extend console locking (bsc#1190025 CVE-2021-3753). - commit 8e66f30 - ovl: prevent private clone if bind mount is not allowed (bsc#1189706, CVE-2021-3732). - commit 07cac18 - [PATCH 4.4.y] KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl (bsc#1189399, CVE-2021-3653). - KVM: X86: MMU: Use the correct inherited permissions to get shadow page (CVE-2021-38198 bsc#1189262). - commit 0f83408 - PCI: hv: Use expected affinity when unmasking IRQ (bsc#1185973). - commit a3d3bcc - Bluetooth: switch to lock_sock in SCO (CVE-2021-3640 bsc#1188172). - Bluetooth: avoid circular locks in sco_sock_connect (CVE-2021-3640 bsc#1188172). - commit a63cffe - Bluetooth: defer cleanup of resources in hci_unregister_dev() (CVE-2021-3640 bsc#1188172). - commit b3dcc45 - usb: max-3421: Prevent corruption of freed memory (CVE-2021-38204 bsc#1189291). - commit 3d3a79f - tracing: Fix bug in rb_per_cpu_empty() that might cause deadloop (CVE-2021-3679 bsc#1189057). - commit fcd167b - KVM: Fix UAF in nested posted interrupt processing (CVE-2018-16882 bsc#1119934). - commit 6411b52 - kabi: preserve struct l2tp_session layout after adding dead member (CVE-2020-0429 bsc#1176724). - kabi: preserve struct l2tp_tunnel layout after adding acpt_newsess (CVE-2020-0429 bsc#1176724). - kabi: restore l2tp_session_find_by_ifname (CVE-2020-0429 bsc#1176724). - l2tp: Allow duplicate session creation with UDP (CVE-2020-0429 bsc#1176724). - l2tp: don't close sessions in l2tp_tunnel_destruct() (CVE-2020-0429 bsc#1176724). - l2tp: fix race between l2tp_session_delete() and l2tp_tunnel_closeall() (CVE-2020-0429 bsc#1176724). - l2tp: ensure sessions are freed after their PPPOL2TP socket (CVE-2020-0429 bsc#1176724). - l2tp: prevent creation of sessions on terminated tunnels (CVE-2020-0429 bsc#1176724). - l2tp: initialise session's refcount before making it reachable (CVE-2020-0429 bsc#1176724). - l2tp: take a reference on sessions used in genetlink handlers (CVE-2020-0429 bsc#1176724). - l2tp: hold session while sending creation notifications (CVE-2020-0429 bsc#1176724). - l2tp: fix duplicate session creation (CVE-2020-0429 bsc#1176724). - l2tp: ensure session can't get removed during pppol2tp_session_ioctl() (CVE-2020-0429 bsc#1176724). - l2tp: Refactor the codes with existing macros instead of literal number (CVE-2020-0429 bsc#1176724). - l2tp: Correctly return -EBADF from pppol2tp_getname (CVE-2020-0429 bsc#1176724). - commit d95bc23 - powerpc/pesries: Get STF barrier requirement from H_GET_CPU_CHARACTERISTICS (CVE-2018-3639 bsc#1087082 git-fixes bsc#1188885 ltc#193722). - powerpc/security: Add a security feature for STF barrier (CVE-2018-3639 bsc#1087082 git-fixes bsc#1188885 ltc#193722). - powerpc/pseries: Get entry and uaccess flush required bits from H_GET_CPU_CHARACTERISTICS (CVE-2020-4788 bsc#1177666 git-fixes bsc#1188885 ltc#193722). - powerpc/64s: rename pnv|pseries_setup_rfi_flush to _setup_security_mitigations (CVE-2018-3639, bsc#1087082, bsc#1188885 ltc#193722). - commit fc3927c - net: mac802154: Fix general protection fault (CVE-2021-3659 bsc#1188876). - commit 41ce3cc - use 3.0 SPDX identifier in rpm License tags As requested by Maintenance, change rpm License tags from &quot;/GPL-2.0&quot;/ (SPDX 2.0) to &quot;/GPL-2.0-only&quot;/ (SPDX 3.0) so that their scripts do not have to adjust the tags with each maintenance update submission. - commit c24e8b8 - KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow (bsc#1188838 CVE-2021-37576). - commit 3d81131 - netfilter: x_tables: fix compat match/target pad out-of-bound write (CVE-2021-22555 bsc#1188116). - commit 96e51be - seq_file: Disallow extremely large seq buffer allocations (bsc#1188062, CVE-2021-33909). - commit 7769711 - can: bcm: delay release of struct bcm_op after synchronize_rcu() (CVE-2021-3609 bsc#1187215). - commit cf3fef8 - mm: consider __HW_POISON pages when allocating from pcp lists (bsc#1187388). - commit 8479654 - hv_netvsc: Fix unwanted wakeup in netvsc_attach() (bsc#1175462). - hv_netvsc: Fix tx_table init in rndis_set_subchannel() (bsc#1175462). - hv_netvsc: flag software created hash value (bsc#1175462). - hv_netvsc: Fix error handling in netvsc_attach() (bsc#1175462). - hv_netvsc: Fix extra rcu_read_unlock in netvsc_recv_callback() (bsc#1175462). - hv_netvsc: fix race that may miss tx queue wakeup (bsc#1175462). - hv_netvsc: Fix unwanted wakeup after tx_disable (bsc#1175462). - hv_netvsc: Fix IP header checksum for coalesced packets (bsc#1175462). - hv_netvsc: Fix hash key value reset after other ops (bsc#1175462). - hv_netvsc: Refactor assignments of struct netvsc_device_info (bsc#1175462). - hv_netvsc: fix schedule in RCU context (bsc#1175462). - hv_netvsc: Fix a deadlock by getting rtnl lock earlier in netvsc_probe() (bsc#1175462). - hv/netvsc: Fix NULL dereference at single queue mode fallback (bsc#1175462). - hv/netvsc: fix handling of fallback to single queue mode (bsc#1175462). - hv_netvsc: split sub-channel setup into async and sync (bsc#1175462). - hv_netvsc: Fix the variable sizes in ipsecv2 and rsc offload (bsc#1175462). - hv_netvsc: fix network namespace issues with VF support (bsc#1175462). - hv_netvsc: Fix a network regression after ifdown/ifup (bsc#1175462). - hv_netvsc: Add handlers for ethtool get/set msg level (bsc#1175462). - hv_netvsc: typo in NDIS RSS parameters structure (bsc#1175462). - hv_netvsc: set master device (bsc#1175462). - hv_netvsc: Fix net device attach on older Windows hosts (bsc#1175462). - hv_netvsc: Ensure correct teardown message sequence order (bsc#1175462). - hv_netvsc: Split netvsc_revoke_buf() and netvsc_teardown_gpadl() (bsc#1175462). - hv_netvsc: Use Windows version instead of NVSP version on GPAD teardown (bsc#1175462). - commit c5c3097 - hv_netvsc: common detach logic (bsc#1175462). - commit 0f53ecd - hv_netvsc: pass netvsc_device to rndis halt (bsc#1175462). - hv_netvsc: change GPAD teardown order on older versions (bsc#1175462). - hv_netvsc: use RCU to fix concurrent rx and queue changes (bsc#1175462). - hv_netvsc: disable NAPI before channel close (bsc#1175462). - hv_netvsc: cancel subchannel setup before halting device (bsc#1175462). - hv_netvsc: fix error unwind handling if vmbus_open fails (bsc#1175462). - hv_netvsc: only wake transmit queue if link is up (bsc#1175462). - hv_netvsc: avoid retry on send during shutdown (bsc#1175462). - hv_netvsc: use reciprocal divide to speed up percent calculation (bsc#1175462). - hv_netvsc: preserve hw_features on mtu/channels/ringparam changes (bsc#1175462). - hv_netvsc: netvsc_teardown_gpadl() split (bsc#1175462). - hv_netvsc: Set tx_table to equal weight after subchannels open (bsc#1175462). - hv_netvsc: avoid unnecessary wakeups on subchannel creation (bsc#1175462). - commit d0f2711 - hv_netvsc: fix deadlock on hotplug (bsc#1175462). - commit 34afd59 - hv_netvsc: Simplify num_chn checking in rndis_filter_device_add() (bsc#1175462). - commit 247cfe2 - netvsc: delay setup of VF device (bsc#1175462). - commit 854e6c5 - netvsc: fix race on sub channel creation (bsc#1175462). - commit 5301206 - netvsc: fix race during initialization (bsc#1175462). - commit 58b9cfc - af_key: pfkey_dump needs parameter validation (CVE-2021-0605 bsc#1187601). - commit 237f852 - HID: make arrays usage and value to be the same (CVE-2021-0512 bsc#1187595). - commit 7eba6bd - scsi: storvsc: Enable scatterlist entry lengths &gt; 4Kbytes (bsc#1187193). - commit c316c7f - can: bcm: fix infoleak in struct bcm_msg_head (CVE-2021-34693 bsc#1187452). - commit adc6046 - RDMA/ucma: Rework ucma_migrate_id() to avoid races with destroy (bsc#1187050, CVE-2020-36385) - commit a9ceda8 - Update patches.suse/Bluetooth-SMP-Fail-if-remote-and-local-public-keys-a.patch (bsc#1186463 CVE-2021-0129 CVE-2020-26558). - commit 286bcbb - Bluetooth: Fix slab-out-of-bounds read in hci_extended_inquiry_result_evt() (CVE-2020-36386 bsc#1187038). - commit bc6a7b3 - cfg80211: mitigate A-MSDU aggregation attacks (CVE-2020-24588 bsc#1185861). - commit ea2af47 - Bluetooth: SMP: Fail if remote and local public keys are identical (git-fixes). - commit d6a09bf - kgraft: truncate the output from state_show() sysfs attr (bsc#1186235). - commit 8ae6170 - powerpc/64s: Fix crashes when toggling entry flush barrier (CVE-2020-4788 bsc#1177666 git-fixes). - commit 340e962 - powerpc/64s: Fix crashes when toggling stf barrier (CVE-2018-3639 bsc#1087082 git-fixes). - commit 940a4ed - Update patches.suse/bluetooth-eliminate-the-potential-race-condition-whe.patch (bsc#1184611 CVE-2021-32399). - commit cc66d51 - video: hyperv_fb: Add ratelimit on error message (bsc#1185724). - Drivers: hv: vmbus: Increase wait time for VMbus unload (bsc#1185724). - Drivers: hv: vmbus: Initialize unload_event statically (bsc#1185724). - commit ed6d3b2 - kABI workaround for hci_chan amp field addition (CVE-2021-33034 bsc#1186111). - commit fd0206d - Bluetooth: verify AMP hci_chan before amp_destroy (CVE-2021-33034 bsc#1186111). - commit e24f222 - Correct CVE number for a mac80211 fix (CVE-2020-26139 bsc#1186062) - commit 01ead6e - net/nfc: fix use-after-free llcp_sock_bind/connect (CVE-2021-23134 bsc#1186060). - commit 8490bfc - kABI workaround for cfg80211 changes (CVE-2020-24586 bsc#1185859). - ath10k: Validate first subframe of A-MSDU before processing the list (CVE-2020-26141 bsc#1185863 bsc#1185987). - ath10k: Fix TKIP Michael MIC verification for PCIe (CVE-2020-26141 bsc#1185863 bsc#1185987). - ath10k: drop fragments with multicast DA for PCIe (CVE-2020-26145 bsc#1185860). - mac80211: extend protection against mixed key and fragment cache attacks (CVE-2020-24586 bsc#1185859). - mac80211: do not accept/forward invalid EAPOL frames (CVE-2020-24587 CVE-2020-24586 bsc#1185863 bsc#1185862 bsc#1185859). - mac80211: prevent attacks on TKIP/WEP as well (CVE-2020-24586 bsc#1185859). - mac80211: check defrag PN against current frame (CVE-2020-24587 CVE-2020-24586 bsc#1185863 bsc#1185862 bsc#1185859). - mac80211: add fragment cache to sta_info (CVE-2020-24587 CVE-2020-24586 bsc#1185863 bsc#1185859). - mac80211: drop A-MSDUs on old ciphers (CVE-2020-24587 CVE-2020-24586 bsc#1185863 bsc#1185862 bsc#1185859). - mac80211: properly handle A-MSDUs that start with an RFC 1042 header (CVE-2020-24587 CVE-2020-24586 bsc#1185863 bsc#1185862 bsc#1185859). - mac80211: prevent mixed key and fragment cache attacks (CVE-2020-24587 CVE-2020-24586 bsc#1185863 bsc#1185862 bsc#1185859). - mac80211: assure all fragments are encrypted (CVE-2020-26147 bsc#1185863 bsc#1185859). - commit 3300524 - blacklist.conf: blacklist d120198bd5ff (&quot;/xen/evtchn: Change irq_info lock to raw_spinlock_t&quot;/) no PREEMPT_RT kernel is pulling from this cve branch and this is a follow up fix for a CVE fix. - commit 449a07b - Fix compile error Refreshed: patches.suse/usbip-fix-stub_dev-usbip_sockfd_store-races-leading-.patch - commit 7dca118 - KVM: Add proper lockdep assertion in I/O bus unregister (bsc#1185555). - KVM: Stop looking for coalesced MMIO zones if the bus is destroyed (bsc#1185557). - KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing SRCU (bsc#1185556). - commit 9c7b370 - KVM: fix memory leak in kvm_io_bus_unregister_dev() (CVE-2020-36312 bsc#1184509). - commit 69dc2b9 - bluetooth: eliminate the potential race condition when removing the HCI controller (bsc#1184611). - commit 12d067d - netfilter: x_tables: Use correct memory barriers (bsc#1184208 CVE-2021-29650). - commit 9bdf87e - hv_netvsc: remove ndo_poll_controller (bsc#1185248). - commit cd1da8b - Refresh patches.suse/btrfs-fix-qgroup-data-rsv-leak-caused-by-falloc-fail.patch. Fix uninitialized variable caused by a backport error. - commit 73ac9e9 - btrfs: fix qgroup data rsv leak caused by falloc failure (bsc#1182261). - commit 41b28a4 - Refresh patches.suse/btrfs-don-t-flush-from-btrfs_delayed_inode_reserve_metadata.patch. Moved to sorted section. - commit eb45fd3 - xen/events: fix setting irq affinity (bsc#1184583 XSA-332 CVE-2020-27673). - commit fc05c5b - bpf, x86: Validate computation of branch displacements for x86-64 (bsc#1184391 CVE-2021-29154). - commit d4aa467 - nfc: Avoid endless loops caused by repeated llcp_sock_connect() (CVE-2020-25673 bsc#1178181). - nfc: fix memory leak in llcp_sock_connect() (CVE-2020-25672 bsc#1178181). - nfc: fix refcount leak in llcp_sock_connect() (CVE-2020-25671 bsc#1178181). - nfc: fix refcount leak in llcp_sock_bind() (CVE-2020-25670 bsc#1178181). - nfc: fix memory leak in llcp_sock_bind() (CVE-2020-25670 bsc#1178181). - commit 2b122d6 - fuse: fix live lock in fuse_iget() (bsc#1184211 CVE-2021-28950). - fuse: fix bad inode (bsc#1184211 CVE-2020-36322). - commit 98e06ce - media: v4l: ioctl: Fix memory leak in video_usercopy (bsc#1184120 CVE-2021-30002). - commit 4b54793 - firewire: nosy: Fix a use-after-free bug in nosy_ioctl() (CVE-2021-3483 bsc#1184393). - commit 126037f - n_tty: Fix stall at n_tty_receive_char_special() (CVE-2021-20219 bsc#1184397). - commit 0c9fa44 - usbip: fix stub_dev usbip_sockfd_store() races leading to gpf (CVE-2021-29265 bsc#1184167). - commit f2ca2a0 - gianfar: fix jumbo packets+napi+rx overrun crash (CVE-2021-29264 bsc#1184168). - commit 8d361ee - PCI: rpadlpar: Fix potential drc_name corruption in store functions (CVE-2021-28972 bsc#1184198). - commit 4cbce48 - staging: rtl8188eu: prevent -&gt;ssid overflow in rtw_wx_set_scan() (CVE-2021-28660 bsc#1183593). - commit fabc8f6 - blk-mq: Allow blocking queue tag iter callbacks (CVE-2020-0433 bsc#1176720 bsc#1167316). - blk-mq: sync the update nr_hw_queues with blk_mq_queue_tag_busy_iter (CVE-2020-0433 bsc#1176720). - commit 7c68d9d - xen/events: avoid handling the same event on two cpus at the same time (bsc#1183638 XSA-332 CVE-2020-27673). - commit 11e2c61 - xen/events: don't unmask an event channel when an eoi is pending (bsc#1183638 XSA-332 CVE-2020-27673). - commit 37de3be - xen/events: reset affinity of 2-level event when tearing it down (bsc#1183638 XSA-332 CVE-2020-27673). - commit 6777f4f - Update patches.suse/Xen-gnttab-handle-p2m-update-errors-on-a-per-slot-ba.patch (bsc#1183022 XSA-367 CVE-2021-28038): added CVE number - Update patches.suse/xen-netback-respect-gnttab_map_refs-s-return-value.patch (bsc#1183022 XSA-367 CVE-2021-28038): added CVE number - commit 70823bb - scsi: iscsi: Verify lengths on passthrough PDUs (CVE-2021-27365 bsc#1182715). - scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE (CVE-2021-27365 bsc#1182715). - scsi: iscsi: Restrict sessions and handles to admin capabilities (CVE-2021-27363 CVE-2021-27364 bsc#1182716 bsc#1182717). - commit 903ccb3 - btrfs: fix qgroup_free wrong num_bytes in btrfs_subvolume_reserve_metadata (bsc#1182261). - Refresh patches.suse/btrfs-qgroup-fix-qgroup-meta-rsv-leak-for-subvolume-.patch. - commit 78ec07a - btrfs: Cleanup try_flush_qgroup (bsc#1182047). - commit 926f592 - btrfs: Don't flush from btrfs_delayed_inode_reserve_metadata (bsc#1182047). - commit c92e90d - btrfs: Free correct amount of space in btrfs_delayed_inode_reserve_metadata (bsc#1182047). - commit c3fc3b5 - btrfs: qgroup: don't try to wait flushing if we're already holding a transaction (bsc#1179575). - commit 1d7f556 - btrfs: qgroup: don't commit transaction when we already hold the handle (bsc#1178634). - commit 7c8ca22 - btrfs: qgroup: fix qgroup meta rsv leak for subvolume operations (bsc#1177856). - commit 27d228c - btrfs: drop unused parameter qgroup_reserved (bsc#1182261). - Refresh patches.suse/btrfs-qgroup-Always-free-PREALLOC-META-reserve-in-bt.patch. - commit 5901c46 - btrfs: remove unused parameter from btrfs_subvolume_release_metadata (bsc#1182261). - Refresh patches.suse/0007-btrfs-qgroup-Introduce-extent-changeset-for-qgroup-r.patch. - Refresh patches.suse/0017-Btrfs-rework-outstanding_extents.patch. - Refresh patches.suse/0023-btrfs-qgroup-Use-separate-meta-reservation-type-for-.patch. - Refresh patches.suse/btrfs-qgroup-Always-free-PREALLOC-META-reserve-in-bt.patch. - commit 59b5536 - btrfs: qgroup: fix wrong qgroup metadata reserve for delayed inode (bsc#1177855). - commit 2a452f6 - btrfs: qgroup: remove ASYNC_COMMIT mechanism in favor of reserve retry-after-EDQUOT (bsc#1120163). - commit 7a6a65b - btrfs: qgroup: try to flush qgroup space when we get -EDQUOT (bsc#1120163). - commit 34d1a07 - btrfs: qgroup: allow to unreserve range without releasing other ranges (bsc#1120163). - commit d3d0651 - btrfs: qgroup: fix data leak caused by race between writeback and truncate (bsc#1172247). - commit c54b534 - btrfs: change timing for qgroup reserved space for ordered extents to fix reserved space leak (bsc#1172247). - commit 6f53911 - xen-netback: respect gnttab_map_refs()'s return value (bsc#1183022 XSA-367). - commit a5b0cfe - Xen/gnttab: handle p2m update errors on a per-slot basis (bsc#1183022 XSA-367). - commit 65935ad - btrfs: inode: move qgroup reserved space release to the callers of insert_reserved_file_extent() (bsc#1172247). - commit 4b19017 - btrfs: inode: refactor the parameters of insert_reserved_file_extent() (bsc#1172247). - commit 94c5865 - btrfs: make btrfs_ordered_extent naming consistent with btrfs_file_extent_item (bsc#1172247). - commit 36c7127 - btrfs: qgroup: Fix a bug that prevents qgroup to be re-enabled after disable (bsc#1172247). - commit 035ebc4 - btrfs: qgroup: mark qgroup inconsistent if we're inherting snapshot to a new qgroup (bsc#1165823). - commit f84426b - btrfs: qgroup: Don't hold qgroup_ioctl_lock in btrfs_qgroup_inherit() (bsc#1165823). - commit a42bb5f - Btrfs: add missing extents release on file extent cluster relocation error (bsc#1159483). - Refresh patches.suse/btrfs-qgroup-Always-free-PREALLOC-META-reserve-in-bt.patch. - commit f86a57d - btrfs: tracepoints: Fix bad entry members of qgroup events (bsc#1155186). - commit d1b6145 - btrfs: tracepoints: Fix wrong parameter order for qgroup events (bsc#1155184). - commit bf2d301 - btrfs: qgroup: Always free PREALLOC META reserve in btrfs_delalloc_release_extents() (bsc#1155179). - commit 08d6f89 - btrfs: qgroup: Fix reserved data space leak if we have multiple reserve calls (bsc#1152975). - commit 0e53d82 - btrfs: qgroup: Fix the wrong target io_tree when freeing reserved data space (bsc#1152974). - commit e38cd4a - kabi: mask changes to struct ipv6_stub (CVE-2020-1749 bsc#1165629). - kabi: hide new parameter of ip6_dst_lookup_flow() (CVE-2020-1749 bsc#1165629). - net: ipv6_stub: use ip6_dst_lookup_flow instead of ip6_dst_lookup (CVE-2020-1749 bsc#1165629). - net: ipv6: add net argument to ip6_dst_lookup_flow (CVE-2020-1749 bsc#1165629). - commit b290360 - cifs: report error instead of invalid when revalidating a dentry fails (bsc#1177440). - commit 7f491c1 - Delete patches.suse/0001-cifs-ignore-revalidate-failures-in-case-of-process-g.patch. - commit 10e49a7 - Delete patches.suse/cifs-do-not-revalidate-mountpoint-dentries.patch. - commit 29ff2ce - Refresh patches.fixes/bonding-fix-active-backup-failover-for-current-ARP-s.patch. - commit 82c82a6 - xen-blkback: fix error handling in xen_blkbk_map() (XSA-365 CVE-2021-26930 bsc#1181843). - commit 3332ae0 - xen-scsiback: don't &quot;/handle&quot;/ error by BUG() (XSA-362 CVE-2021-26931 bsc#1181753). - commit dea8fbd - xen-netback: don't &quot;/handle&quot;/ error by BUG() (XSA-362 CVE-2021-26931 bsc#1181753). - commit 09948fd - xen-blkback: don't &quot;/handle&quot;/ error by BUG() (XSA-362 CVE-2021-26931 bsc#1181753). - commit a894675 - xen/arm: don't ignore return errors from set_phys_to_machine (XSA-361 CVE-2021-26932 bsc#1181747). - commit 5d66e33 - Xen/gntdev: correct error checking in gntdev_map_grant_pages() (XSA-361 CVE-2021-26932 bsc#1181747). - commit 018094f - Xen/gntdev: correct dev_bus_addr handling in gntdev_map_grant_pages() (XSA-361 CVE-2021-26932 bsc#1181747). - commit 22a3fbe - Xen/x86: also check kernel mapping in set_foreign_p2m_mapping() (XSA-361 CVE-2021-26932 bsc#1181747). - commit 51b7694 - Xen/x86: don't bail early from clear_foreign_p2m_mapping() (XSA-361 CVE-2021-26932 bsc#1181747). - commit 696d20a - xen/netback: fix spurious event detection for common event case (bsc#1182175). - commit 1a8c5fa - Fix a bug in rawmidi UAF fix patch (bsc#1179601, CVE-2020-27786) Refresh patches.suse/ALSA-rawmidi-Fix-racy-buffer-resize-under-concurrent.patch - commit 32875b8 - target: fix XCOPY NAA identifier lookup (CVE-2020-28374, bsc#1178372). - commit 18cb7d2 - ext4: check journal inode extents more carefully (bsc#1173485). - commit 3245bb6 - ext4: don't allow overlapping system zones (bsc#1173485). - commit 0759ec3 - ext4: handle error of ext4_setup_system_zone() on remount (bsc#1173485). - commit a559c95 - mm, memory_hotplug: do not clear numa_node association after hot_remove (bnc#1115026). - commit de1f3c2 Package less was updated: - Add missing runtime dependency on which, which is used by lessopen.sh. Fix bsc#1190552. Package libX11 was updated: - redone U_CVE-2021-31535.patch due to regressions (boo#1186643) * fixes segfaults for xforms applications like fdesign - U_CVE-2021-31535.patch * adds missing request length checks in libX11 (CVE-2021-31535, bsc#1182506) Package libcap was updated: - Add explicit dependency on libcap2 with version to libcap-progs (bsc#1184690, bsc#1184434) - Update to libcap 2.26 for supporting the ambient capabilities (jsc#SLE-17092, jsc#ECO-3460) - Drop obsoleted patch: libcap-missing-capabilities.patch - Use &quot;/or&quot;/ in the license tag to avoid confusion (bsc#1180073) Package libesmtp was updated: - Add libesmtp-fix-cve-2019-19977.patch: Fix stack-based buffer over-read in ntlm/ntlmstruct.c (bsc#1160462 bsc#1189097). Package libgcrypt was updated: - FIPS: Fix gcry_mpi_sub_ui subtraction [bsc#1193480] * gcry_mpi_sub_ui: fix subtracting from negative value * Add libgcrypt-FIPS-fix-gcry_mpi_sub_ui.patch - Security fix: [bsc#1187212, CVE-2021-33560] * Libgcrypt mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm - Add patches: * libgcrypt-CVE-2021-33560-ElGamal-exponent-blinding.patch * libgcrypt-CVE-2021-33560-fix-ElGamal-enc.patch Package libnettle was updated: - Security fix: [CVE-2021-3580, bsc#1187060] * Remote crash in RSA decryption via manipulated ciphertext * Add libnettle-CVE-2021-3580.patch - Security fix: [bsc#1184401, bsc#1183835, CVE-2021-20305] * multiply function being called with out-of-range scalars * Affects ecc-ecdsa-sign(), ecc_ecdsa_verify() and _eddsa_hash(). - Add libnettle-CVE-2021-20305.patch Package libsolv was updated: - Turn on rich dependency handling needed for ptf support [jsc#SLE-17973] [jsc#SLE-17974] [bnc#1190530] - bump version to 0.6.38 - fix heap-buffer-overflow in repodata_schema2id [CVE-2019-20387] [bnc#1161510] - backport support for blacklisted packages to support ptf packages and retracted patches [jsc#SLE-17973] - fix ruleinfo of complex dependencies returning the wrong origin - fix SOLVER_FLAG_FOCUS_BEST updateing packages without reason - fix add_complex_recommends() selecting conflicted packages in rare cases - testcase_read: error out if repos are added or the system is changed too late [CVE-2021-3200] [bnc#1186229] - fix potential segfault in resolve_jobrules - fix solv_zchunk decoding error if large chunks are used - bump version to 0.6.37 Package libxml2 was updated: - Security fix: [bsc#1186015, CVE-2021-3541] * Exponential entity expansion attack bypasses all existing protection mechanisms. - Add libxml2-CVE-2021-3541.patch - Security fix: [bsc#1185698, CVE-2021-3537] * NULL pointer dereference in valid.c:xmlValidBuildAContentModel * Add libxml2-CVE-2021-3537.patch - Security fix: [bsc#1185408, CVE-2021-3518] * Fix use-after-free in xinclude.c:xmlXIncludeDoProcess() * Add libxml2-CVE-2021-3518.patch - Security fix: [bsc#1185410, CVE-2021-3517] * Fix heap-based buffer overflow in entities.c:xmlEncodeEntitiesInternal() * Add libxml2-CVE-2021-3517.patch - Security fix: [bsc#1185409, CVE-2021-3516] * Fix use-after-free in entities.c:xmlEncodeEntitiesInternal() * Add libxml2-CVE-2021-3516.patch Package libzypp was updated: - Rephrase vendor conflict message in case 2 packages are involved (bsc#1187760) This covers the case where not the packages itself would change its vendor, but replaces a package from a different vendor. - RepoManager: Don't probe for plaindir repo if URL schema is plugin: (bsc#1191286) - version 16.22.3 (0) - BuildRequires: libsolv-devel &gt;= 0.6.38 Must rebuild all caches to make sure rich dependency handling is turned on. Needed for PTF support. (jsc#SLE-17974, bsc#1190530) - version 16.22.2 (0) - Fix solver jobs for PTFs (bsc#1186503) - version 16.22.1 (0) - Add support for PTFs (jsc#SLE-17974) - version 16.22.0 (0) - Patch: Identify well-known category names (bsc#1179847) This allows to use the RH and SUSE patch categrory names synonymously: (recommendedi = bugfix) and (optional = feature = enhancement). - version 16.21.5 (0) Package mozilla-nspr was updated: - update to version 4.32: * implement new socket option PR_SockOpt_DontFrag * support larger DNS records by increasing the default buffer size for DNS queries - update to version 4.31: * Lock access to PRCallOnceType members in PR_CallOnce* for thread safety bmo#1686138 - update to version 4.30 * support longer thread names on macOS * fix a build failure on OpenBSD - update to version 4.29 * Remove macOS Code Fragment Manager support code * Remove XP_MACOSX and OS_TARGET=MacOSX * Refresh config.guess and config.sub * Remove NSPR's patch to config.sub * Add support for e2k target (64-bit Elbrus 2000) - update to version 4.28 * Fix a compiler warning * Add rule for cross-compiling with cygwin - update to version 4.27 * the macOS platform code for shared library loading was changed to support macOS 11. If the absolute path parameter given to PR_LoadLibrary begins with either /System/ or /usr/lib/ then no test is performed if the library exists at a file. * An include statement for a Windows system library header was added - update to version 4.26 * PR_GetSystemInfo supports a new flag PR_SI_RELEASE_BUILD to get information about the operating system build version. * Better support parallel building on Windows. * The internal release automatic script requires python 3. Package mozilla-nss was updated: - Mozilla NSS 3.68.2 (bsc#1193845) * mozilla::pkix: support SHA-2 hashes in CertIDs in OCSP responses (bmo#966856) - Mozilla NSS 3.68.1 MFSA 2021-51 (bsc#1193170) * CVE-2021-43527 (bmo#1737470) Memory corruption via DER-encoded DSA and RSA-PSS signatures - Remove now obsolete patch nss-bsc1193170.patch - Add patch to fix CVE-2021-43527 (bsc#1193170): nss-bsc1193170.patch - Removed nss-fips-kdf-self-tests.patch. This was made obsolete by upstream changes. (bmo#1660304) - Rebase nss-fips-stricter-dh.patch needed due to upstream changes. - Update nss-fips-constructor-self-tests.patch to fix crashes reported by upstream. This was likely affecting WebRTC calls. - update to NSS 3.68 * bmo#1713562 - Fix test leak. * bmo#1717452 - NSS 3.68 should depend on NSPR 4.32. * bmo#1693206 - Implement PKCS8 export of ECDSA keys. * bmo#1712883 - DTLS 1.3 draft-43. * bmo#1655493 - Support SHA2 HW acceleration using Intel SHA Extension. * bmo#1713562 - Validate ECH public names. * bmo#1717610 - Add function to get seconds from epoch from pkix::Time. - update to NSS 3.67 * bmo#1683710 - Add a means to disable ALPN. * bmo#1715720 - Fix nssckbi version number in NSS 3.67 (was supposed to be incremented in 3.66). * bmo#1714719 - Set NSS_USE_64 on riscv64 target when using GYP/Ninja. * bmo#1566124 - Fix counter increase in ppc-gcm-wrap.c. * bmo#1566124 - Fix AES_GCM mode on ppc64le for messages of length more than 255-byte. - update to NSS 3.66 * bmo#1710716 - Remove Expired Sonera Class2 CA from NSS. * bmo#1710716 - Remove Expired Root Certificates from NSS - QuoVadis Root Certification Authority. * bmo#1708307 - Remove Trustis FPS Root CA from NSS. * bmo#1707097 - Add Certum Trusted Root CA to NSS. * bmo#1707097 - Add Certum EC-384 CA to NSS. * bmo#1703942 - Add ANF Secure Server Root CA to NSS. * bmo#1697071 - Add GLOBALTRUST 2020 root cert to NSS. * bmo#1712184 - NSS tools manpages need to be updated to reflect that sqlite is the default database. * bmo#1712230 - Don't build ppc-gcm.s with clang integrated assembler. * bmo#1712211 - Strict prototype error when trying to compile nss code that includes blapi.h. * bmo#1710773 - NSS needs FIPS 180-3 FIPS indicators. * bmo#1709291 - Add VerifyCodeSigningCertificateChain. * Use GNU tar for the release helper script. - update to NSS 3.65 * bmo#1709654 - Update for NetBSD configuration. * bmo#1709750 - Disable HPKE test when fuzzing. * bmo#1566124 - Optimize AES-GCM for ppc64le. * bmo#1699021 - Add AES-256-GCM to HPKE. * bmo#1698419 - ECH -10 updates. * bmo#1692930 - Update HPKE to final version. * bmo#1707130 - NSS should use modern algorithms in PKCS#12 files by default. * bmo#1703936 - New coverity/cpp scanner errors. * bmo#1697303 - NSS needs to update it's csp clearing to FIPS 180-3 standards. * bmo#1702663 - Need to support RSA PSS with Hashing PKCS #11 Mechanisms. * bmo#1705119 - Deadlock when using GCM and non-thread safe tokens. - refreshed patches - Firefox 90.0 requires NSS 3.66 - update to NSS 3.64 * bmo#1705286 - Properly detect mips64. * bmo#1687164 - Introduce NSS_DISABLE_CRYPTO_VSX and disable_crypto_vsx. * bmo#1698320 - replace __builtin_cpu_supports(&quot;/vsx&quot;/) with ppc_crypto_support() for clang. * bmo#1613235 - Add POWER ChaCha20 stream cipher vector acceleration. - update to NSS 3.63.1 * no upstream release notes for 3.63.1 (yet) Fixed in 3.63 * bmo#1697380 - Make a clang-format run on top of helpful contributions. * bmo#1683520 - ECCKiila P384, change syntax of nested structs initialization to prevent build isses with GCC 4.8. * bmo#1683520 - [lib/freebl/ecl] P-384: allow zero scalars in dual scalar multiplication. * bmo#1683520 - ECCKiila P521, change syntax of nested structs initialization to prevent build isses with GCC 4.8. * bmo#1683520 - [lib/freebl/ecl] P-521: allow zero scalars in dual scalar multiplication. * bmo#1696800 - HACL* update March 2021 - c95ab70fcb2bc21025d8845281bc4bc8987ca683. * bmo#1694214 - tstclnt can't enable middlebox compat mode. * bmo#1694392 - NSS does not work with PKCS #11 modules not supporting profiles. * bmo#1685880 - Minor fix to prevent unused variable on early return. * bmo#1685880 - Fix for the gcc compiler version 7 to support setenv with nss build. * bmo#1693217 - Increase nssckbi.h version number for March 2021 batch of root CA changes, CA list version 2.48. * bmo#1692094 - Set email distrust after to 21-03-01 for Camerfirma's 'Chambers of Commerce' and 'Global Chambersign' roots. * bmo#1618407 - Symantec root certs - Set CKA_NSS_EMAIL_DISTRUST_AFTER. * bmo#1693173 - Add GlobalSign R45, E45, R46, and E46 root certs to NSS. * bmo#1683738 - Add AC RAIZ FNMT-RCM SERVIDORES SEGUROS root cert to NSS. * bmo#1686854 - Remove GeoTrust PCA-G2 and VeriSign Universal root certs from NSS. * bmo#1687822 - Turn off Websites trust bit for the “Staat der Nederlanden Root CA - G3” root cert in NSS. * bmo#1692094 - Turn off Websites Trust Bit for 'Chambers of Commerce Root - 2008' and 'Global Chambersign Root - 2008’. * bmo#1694291 - Tracing fixes for ECH. - required for Firefox 88 - update to NSS 3.62 * bmo#1688374 - Fix parallel build NSS-3.61 with make * bmo#1682044 - pkix_Build_GatherCerts() + pkix_CacheCert_Add() can corrupt &quot;/cachedCertTable&quot;/ * bmo#1690583 - Fix CH padding extension size calculation * bmo#1690421 - Adjust 3.62 ABI report formatting for new libabigail * bmo#1690421 - Install packaged libabigail in docker-builds image * bmo#1689228 - Minor ECH -09 fixes for interop testing, fuzzing * bmo#1674819 - Fixup a51fae403328, enum type may be signed * bmo#1681585 - Add ECH support to selfserv * bmo#1681585 - Update ECH to Draft-09 * bmo#1678398 - Add Export/Import functions for HPKE context * bmo#1678398 - Update HPKE to draft-07 - required for Firefox 87 - Add nss-btrfs-sqlite.patch to address bmo#1690232 - update to NSS 3.61 * required for Firefox 86 * bmo#1682071 - Fix issue with IKE Quick mode deriving incorrect key values under certain conditions. * bmo#1684300 - Fix default PBE iteration count when NSS is compiled with NSS_DISABLE_DBM. * bmo#1651411 - Improve constant-timeness in RSA operations. * bmo#1677207 - Upgrade Google Test version to latest release. * bmo#1654332 - Add aarch64-make target to nss-try. - update to NSS 3.60.1 Notable changes in NSS 3.60: * TLS 1.3 Encrypted Client Hello (draft-ietf-tls-esni-08) support has been added, replacing the previous ESNI (draft-ietf-tls-esni-01) implementation. See bmo#1654332 for more information. * December 2020 batch of Root CA changes, builtins library updated to version 2.46. See bmo#1678189, bmo#1678166, and bmo#1670769 for more information. - removed obsolete ppc-old-abi-v3.patch - update to NSS 3.59.1 * bmo#1679290 - Fix potential deadlock with certain third-party PKCS11 modules - update to NSS 3.59 Notable changes * Exported two existing functions from libnss: CERT_AddCertToListHeadWithData and CERT_AddCertToListTailWithData Bugfixes * bmo#1607449 - Lock cert-&gt;nssCertificate to prevent a potential data race * bmo#1672823 - Add Wycheproof test cases for HMAC, HKDF, and DSA * bmo#1663661 - Guard against NULL token in nssSlot_IsTokenPresent * bmo#1670835 - Support enabling and disabling signatures via Crypto Policy * bmo#1672291 - Resolve libpkix OCSP failures on SHA1 self-signed root certs when SHA1 signatures are disabled. * bmo#1644209 - Fix broken SelectedCipherSuiteReplacer filter to solve some test intermittents * bmo#1672703 - Tolerate the first CCS in TLS 1.3 to fix a regression in our CVE-2020-25648 fix that broke purple-discord (boo#1179382) * bmo#1666891 - Support key wrap/unwrap with RSA-OAEP * bmo#1667989 - Fix gyp linking on Solaris * bmo#1668123 - Export CERT_AddCertToListHeadWithData and CERT_AddCertToListTailWithData from libnss * bmo#1634584 - Set CKA_NSS_SERVER_DISTRUST_AFTER for Trustis FPS Root CA * bmo#1663091 - Remove unnecessary assertions in the streaming ASN.1 decoder that affected decoding certain PKCS8 private keys when using NSS debug builds * bmo#670839 - Use ARM crypto extension for AES, SHA1 and SHA2 on MacOS. - update to NSS 3.58 Bugs fixed: * bmo#1641480 (CVE-2020-25648) Tighten CCS handling for middlebox compatibility mode. * bmo#1631890 - Add support for Hybrid Public Key Encryption (draft-irtf-cfrg-hpke) support for TLS Encrypted Client Hello (draft-ietf-tls-esni). * bmo#1657255 - Add CI tests that disable SHA1/SHA2 ARM crypto extensions. * bmo#1668328 - Handle spaces in the Python path name when using gyp on Windows. * bmo#1667153 - Add PK11_ImportDataKey for data object import. * bmo#1665715 - Pass the embedded SCT list extension (if present) to TrustDomain::CheckRevocation instead of the notBefore value. - install libraries in %{_libdir} (boo#1029961) - Fix build with RPM 4.16: error: bare words are no longer supported, please use &quot;/...&quot;/: lib64 == lib64. - update to NSS 3.57 * The following CA certificates were Added: bmo#1663049 - CN=Trustwave Global Certification Authority SHA-256 Fingerprint: 97552015F5DDFC3C8788C006944555408894450084F100867086BC1A2BB58DC8 bmo#1663049 - CN=Trustwave Global ECC P256 Certification Authority SHA-256 Fingerprint: 945BBC825EA554F489D1FD51A73DDF2EA624AC7019A05205225C22A78CCFA8B4 bmo#1663049 - CN=Trustwave Global ECC P384 Certification Authority SHA-256 Fingerprint: 55903859C8C0C3EBB8759ECE4E2557225FF5758BBD38EBD48276601E1BD58097 * The following CA certificates were Removed: bmo#1651211 - CN=EE Certification Centre Root CA SHA-256 Fingerprint: 3E84BA4342908516E77573C0992F0979CA084E4685681FF195CCBA8A229B8A76 bmo#1656077 - O=Government Root Certification Authority; C=TW SHA-256 Fingerprint: 7600295EEFE85B9E1FD624DB76062AAAAE59818A54D2774CD4C0B2C01131E1B3 * Trust settings for the following CA certificates were Modified: bmo#1653092 - CN=OISTE WISeKey Global Root GA CA Websites (server authentication) trust bit removed. * https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.57_release_notes - requires NSPR 4.29 - removed obsolete nss-freebl-fix-aarch64.patch (bmo#1659256) - introduced _constraints due to high memory requirements especially for LTO on Tumbleweed - Add patch to fix build on aarch64 - boo#1176934: * nss-freebl-fix-aarch64.patch - Update nss-fips-approved-crypto-non-ec.patch to match RC2 code being moved to deprecated/. - Remove nss-fix-dh-pkcs-derive-inverted-logic.patch. This was made obsolete by upstream changes. - Modifications for NIST SP 800-56Ar3 compliance. This adds checks and restricts Diffie-Hellman parameters in FIPS mode (bsc#1176173). New patches: * nss-fips-stricter-dh.patch * nss-fips-kdf-self-tests.patch - update to NSS 3.56 Notable changes * bmo#1650702 - Support SHA-1 HW acceleration on ARMv8 * bmo#1656981 - Use MPI comba and mulq optimizations on x86-64 MacOS. * bmo#1654142 - Add CPU feature detection for Intel SHA extension. * bmo#1648822 - Add stricter validation of DH keys in FIPS mode. * bmo#1656986 - Properly detect arm64 during GYP build architecture detection. * bmo#1652729 - Add build flag to disable RC2 and relocate to lib/freebl/deprecated. * bmo#1656429 - Correct RTT estimate used in 0-RTT anti-replay. * bmo#1588941 - Send empty certificate message when scheme selection fails. * bmo#1652032 - Fix failure to build in Windows arm64 makefile cross-compilation. * bmo#1625791 - Fix deadlock issue in nssSlot_IsTokenPresent. * bmo#1653975 - Fix 3.53 regression by setting &quot;/all&quot;/ as the default makefile target. * bmo#1659792 - Fix broken libpkix tests with unexpired PayPal cert. * bmo#1659814 - Fix interop.sh failures with newer tls-interop commit and dependencies. * bmo#1656519 - NSPR dependency updated to 4.28 - do not hard require mozilla-nss-certs-32bit via baselibs (boo#1176206) - update to NSS 3.55 Notable changes * P384 and P521 elliptic curve implementations are replaced with verifiable implementations from Fiat-Crypto [0] and ECCKiila [1]. * PK11_FindCertInSlot is added. With this function, a given slot can be queried with a DER-Encoded certificate, providing performance and usability improvements over other mechanisms. (bmo#1649633) * DTLS 1.3 implementation is updated to draft-38. (bmo#1647752) Relevant Bugfixes * bmo#1631583 (CVE-2020-6829, CVE-2020-12400) - Replace P384 and P521 with new, verifiable implementations from Fiat-Crypto and ECCKiila. * bmo#1649487 - Move overzealous assertion in VFY_EndWithSignature. * bmo#1631573 (CVE-2020-12401) - Remove unnecessary scalar padding. * bmo#1636771 (CVE-2020-12403) - Explicitly disable multi-part ChaCha20 (which was not functioning correctly) and more strictly enforce tag length. * bmo#1649648 - Don't memcpy zero bytes (sanitizer fix). * bmo#1649316 - Don't memcpy zero bytes (sanitizer fix). * bmo#1649322 - Don't memcpy zero bytes (sanitizer fix). * bmo#1653202 - Fix initialization bug in blapitest when compiled with NSS_DISABLE_DEPRECATED_SEED. * bmo#1646594 - Fix AVX2 detection in makefile builds. * bmo#1649633 - Add PK11_FindCertInSlot to search a given slot for a DER-encoded certificate. * bmo#1651520 - Fix slotLock race in NSC_GetTokenInfo. * bmo#1647752 - Update DTLS 1.3 implementation to draft-38. * bmo#1649190 - Run cipher, sdr, and ocsp tests under standard test cycle in CI. * bmo#1649226 - Add Wycheproof ECDSA tests. * bmo#1637222 - Consistently enforce IV requirements for DES and 3DES. * bmo#1067214 - Enforce minimum PKCS#1 v1.5 padding length in RSA_CheckSignRecover. * bmo#1646324 - Advertise PKCS#1 schemes for certificates in the signature_algorithms extension. nss-fips-constructor-self-tests.patch - update to NSS 3.54 Notable changes * Support for TLS 1.3 external pre-shared keys (bmo#1603042). * Use ARM Cryptography Extension for SHA256, when available (bmo#1528113) * The following CA certificates were Added: bmo#1645186 - certSIGN Root CA G2. bmo#1645174 - e-Szigno Root CA 2017. bmo#1641716 - Microsoft ECC Root Certificate Authority 2017. bmo#1641716 - Microsoft RSA Root Certificate Authority 2017. * The following CA certificates were Removed: bmo#1645199 - AddTrust Class 1 CA Root. bmo#1645199 - AddTrust External CA Root. bmo#1641718 - LuxTrust Global Root 2. bmo#1639987 - Staat der Nederlanden Root CA - G2. bmo#1618402 - Symantec Class 2 Public Primary Certification Authority - G4. bmo#1618402 - Symantec Class 1 Public Primary Certification Authority - G4. bmo#1618402 - VeriSign Class 3 Public Primary Certification Authority - G3. * A number of certificates had their Email trust bit disabled. See bmo#1618402 for a complete list. Bugs fixed * bmo#1528113 - Use ARM Cryptography Extension for SHA256. * bmo#1603042 - Add TLS 1.3 external PSK support. * bmo#1642802 - Add uint128 support for HACL* curve25519 on Windows. * bmo#1645186 - Add &quot;/certSIGN Root CA G2&quot;/ root certificate. * bmo#1645174 - Add Microsec's &quot;/e-Szigno Root CA 2017&quot;/ root certificate. * bmo#1641716 - Add Microsoft's non-EV root certificates. * bmo1621151 - Disable email trust bit for &quot;/O=Government Root Certification Authority; C=TW&quot;/ root. * bmo#1645199 - Remove AddTrust root certificates. * bmo#1641718 - Remove &quot;/LuxTrust Global Root 2&quot;/ root certificate. * bmo#1639987 - Remove &quot;/Staat der Nederlanden Root CA - G2&quot;/ root certificate. * bmo#1618402 - Remove Symantec root certificates and disable email trust bit. * bmo#1640516 - NSS 3.54 should depend on NSPR 4.26. * bmo#1642146 - Fix undefined reference to `PORT_ZAlloc_stub' in seed.c. * bmo#1642153 - Fix infinite recursion building NSS. * bmo#1642638 - Fix fuzzing assertion crash. * bmo#1642871 - Enable SSL_SendSessionTicket after resumption. * bmo#1643123 - Support SSL_ExportEarlyKeyingMaterial with External PSKs. * bmo#1643557 - Fix numerous compile warnings in NSS. * bmo#1644774 - SSL gtests to use ClearServerCache when resetting self-encrypt keys. * bmo#1645479 - Don't use SECITEM_MakeItem in secutil.c. * bmo#1646520 - Stricter enforcement of ASN.1 INTEGER encoding. Package ncurses was updated: - Add patch bsc1190793-63ca9e06.patch to fix bsc#1190793 for CVE-2021-39537: ncurses: heap-based buffer overflow in _nc_captoinfo in captoinfo.c Package nfs-utils was updated: - Add mountstats_0_3.py and man page. mountstats_0_3 is mountstats from more recent a nfs-utils release. It add more functionality, but as there are possible incompatible changes, the old mountstats is left unchanged, and the new is provided with the new name. (bsc#1183297) - 0190-manpage-Add-a-description-of-the-nconnect-mount-opti.patch Improve nfs.man (bsc#1181651) - 0181-mountd-reject-unknown-client-IP-when-use_ipaddr.patch 0182-mountd-Don-t-proactively-add-export-info-when-fh-inf.patch 0183-mountd-add-logging-for-authentication-results-for-ac.patch 0184-mountd-add-cache-use-ipaddr-option-to-force-use_ipad.patch 0185-mountd-make-default-ttl-settable-by-option.patch Improve logging of authentication (bsc#1181540) Package ntp was updated: - bsc#1186431: Fix a typo in %post .- jsc#SLE-15482, ntp-clarify-interface.patch: Adjust the documentation to clarify that &quot;/interface ignore all&quot;/ does not cover the wildcard and localhost addresses. - Refactor the key handling in %post so that it does not overwrite user settings (bsc#1036505, bsc#1183513). Package openldap2-client was updated: - bsc#1193296 - Resolve double free in sssvlv overlay * 0223-ITS-8592-Fix-double-free-in-sssvlv-overlay.patch - bsc#1182408 CVE-2020-36230 - an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. * 0218-ITS-9423-ldap_X509dn2bv-check-for-invalid-BER-after-.patch - bsc#1182411 CVE-2020-36229 - ldap_X509dn2bv crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. * 0220-ITS-9425-add-more-checks-to-ldap_X509dn2bv.patch - bsc#1182412 CVE-2020-36228 - integer underflow leading to crash in the Certificate List Exact Assertion processing, resulting in denial of service. * 0221-ITS-9427-fix-issuerAndThisUpdateCheck.patch - bsc#1182413 CVE-2020-36227 - infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. * 0222-ITS-9428-fix-cancel-exop.patch - bsc#1182416 CVE-2020-36225 - double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. * 0216-ITS-9412-fix-AVA_Sort-on-invalid-RDN.patch - bsc#1182417 CVE-2020-36224 - invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. * 0215-ITS-9409-saslauthz-use-slap_sl_free-in-prev-commit.patch * 0214-ITS-9409-saslauthz-use-ch_free-on-normalized-DN.patch - bsc#1182415 CVE-2020-36226 - memch-&gt;bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. * 0217-ITS-9413-fix-slap_parse_user.patch - bsc#1182419 CVE-2020-36222 - assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. * 0211-ITS-9406-9407-remove-saslauthz-asserts.patch * 0212-ITS-9406-fix-debug-msg.patch - bsc#1182420 CVE-2020-36221 - slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). * 0210-ITS-9404-fix-serialNumberAndIssuerCheck.patch * 0219-ITS-9424-fix-serialNumberAndIssuerSerialCheck.patch - bsc#1182418 CVE-2020-36223 - slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). * 0213-ITS-9408-fix-vrfilter-double-free.patch - bsc#1182279 CVE-2021-27212 - an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime. * patch: 0209-ITS-9454-fix-issuerAndThisUpdateCheck.patch Package openslp was updated: - Implement automatic active discovery retries so that DAs do not get dropped if they are not reachable for some time [bnc#1166637] [bnc#1184008] new patch: openslp.unicastactivediscovery.diff Package openssh was updated: - Add openssh-bsc1190975-CVE-2021-41617-authorizedkeyscommand.patch (bsc#1190975, CVE-2021-41617), backported from upstream by Ali Abdallah. Package openssl was updated: - Other OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the &quot;/data&quot;/ field, then a read buffer overrun can occur. * CVE-2021-3712 continued * bsc#1189521 * Add CVE-2021-3712-other-ASN1_STRING-issues.patch * Sourced from openssl-CVE-2021-3712.tar.bz2 posted on bsc-1189521 2021-08-24 00:47 PDT by Marcus Meissner - The function X509_CERT_AUX_print() has a bug which may cause a read buffer overrun when printing certificate details. A malicious actor could construct a certificate to deliberately hit this bug, which may result in a crash of the application (causing a Denial of Service attack). * CVE-2021-3712 * bsc#1189521 * Add CVE-2021-3712-Fix-read-buffer-overrun-in-X509_CERT_AUX_print.patch - Security fixes: * Integer overflow in CipherUpdate: Incorrect SSLv2 rollback protection [bsc#1182333, CVE-2021-23840] * Null pointer deref in X509_issuer_and_serial_hash() [bsc#1182331, CVE-2021-23841] - Add openssl-CVE-2021-23840.patch openssl-CVE-2021-23841.patch Package pam was updated: - pam_cracklib: backported code to check whether the password contains a substring of of the user's name of at least &lt;N&gt; characters length in some form from SLE-15. This is enabled by the new parameter &quot;/usersubstr=&lt;N&gt;&quot;/ See https://github.com/libpwquality/libpwquality/commit/bfef79dbe6aa525e9557bf4b0a61e6dde12749c4 [jsc#SLE-21741, pam-pam_cracklib-add-usersubstr.patch] - Added tmpfiles for pam to set up directory for pam_faillock. [pam.conf] - Added pam_faillock to the set of modules. [jsc#sle-20638, pam-sle20638-add-pam_faillock.patch] - In the 32-bit compatibility package for 64-bit architectures, require &quot;/systemd-32bit&quot;/ to be also installed as it contains pam_systemd.so for 32 bit applications. [bsc#1185562, baselibs.conf] - pam_limits: &quot;/unlimited&quot;/ is not a legitimate value for &quot;/nofile&quot;/ (see setrlimit(2)). So, when &quot;/nofile&quot;/ is set to one of the &quot;/unlimited&quot;/ values, it is set to the contents of &quot;//proc/sys/fs/nr_open&quot;/ instead. Also changed the manpage of pam_limits to express this. [bsc#1181443, pam-bsc1181443-make-nofile-unlimited-mean-nr_open.patch] Package pcre was updated: - pcre 8.45 (the final release) * Fixed a small (*MARK) bug in the interpreter (Bugzilla #2771). - pcre 8.44 * Small patch to pcreposix.c to set the erroroffset field to -1 immediately after a successful compile, instead of at the start of matching to avoid a sanitizer complaint (regexec is supposed to be thread safe). * Check the size of the number after (?C as it is read, in order to avoid integer overflow. (bsc#1172974, CVE-2020-14155) * Tidy up left shifts to avoid sanitize warnings; also fix one NULL deference in pcretest. - pcre 8.43 * In a pattern such as /[^x{100}-x{ffff}]*[x80-xff]/ which has a repeated negative class with no characters less than 0x100 followed by a positive class with only characters less than 0x100, the first class was incorrectly being auto-possessified, causing incorrect match failures. * If the only branch in a conditional subpattern was anchored, the whole subpattern was treated as anchored, when it should not have been, since the assumed empty second branch cannot be anchored. Demonstrated by test patterns such as /(?(1)^())b/ or /(?(?=^))b/. * Fix subject buffer overread in JIT when UTF is disabled and X or R has a greater than 1 fixed quantifier. This issue was found by Yunho Kim. (bsc#1172973 CVE-2019-20838) * If a pattern started with a subroutine call that had a quantifier with a minimum of zero, an incorrect &quot;/match must start with this character&quot;/ could be recorded. Example: /(?&amp;xxx)*ABC(?&lt;xxx&gt;XYZ)/ would (incorrectly) expect 'A' to be the first character of a match. - pcre 8.42 * If a backreference with a minimum repeat count of zero was first in a pattern, apart from assertions, an incorrect first matching character could be recorded. For example, for the pattern /(?=(a))1?b/, &quot;/b&quot;/ was incorrectly set as the first character of a match. * Fix out-of-bounds read for partial matching of /./ against an empty string when the newline type is CRLF. * When matching using the the REG_STARTEND feature of the POSIX API with a non-zero starting offset, unset capturing groups with lower numbers than a group that did capture something were not being correctly returned as &quot;/unset&quot;/ (that is, with offset values of -1). * Matching the pattern /(*UTF)C[^v]+x80/ against an 8-bit string containing multi-code-unit characters caused bad behaviour and possibly a crash. This issue was fixed for other kinds of repeat in release 8.37 by change 38, but repeating character classes were overlooked. - pcre 8.41 * Fix a missing else in the JIT compiler (bsc#1025709 CVE-2017-6004) * A (?# style comment is now ignored between a basic quantifier and a following '+' or '?' (example: /X+(?#comment)?Y/. * Avoid use of a potentially overflowing buffer in pcregrep (patch by Petr Pisar). * In the 32-bit library in non-UTF mode, an attempt to find a Unicode property for a character with a code point greater than 0x10ffff (the Unicode maximum) caused a crash. (bsc#1030807 CVE-2017-7244) * The alternative matching function, pcre_dfa_exec() misbehaved if it encountered a character class with a possessive repeat, for example [a-f]{3}+. (bsc#1030066 CVE-2017-7186) * When pcretest called pcre_copy_substring() in 32-bit mode, it set the buffer length incorrectly, which could result in buffer overflow. (bsc#1030805 CVE-2017-7245, bsc#1030803 CVE-2017-7246) * Fix returned offsets from regexec() when REG_STARTEND is used with a starting offset greater than zero. - pcre 8.40 * Fix register overwite in JIT when SSE2 acceleration is enabled. * Ignore &quot;/show all captures&quot;/ (/=) for DFA matching. * Fix JIT unaligned accesses on x86. Patch by Marc Mutz. * In any wide-character mode (8-bit UTF or any 16-bit or 32-bit mode), without PCRE_UCP set, a negative character type such as D in a positive class should cause all characters greater than 255 to match, whatever else is in the class. There was a bug that caused this not to happen if a Unicode property item was added to such a class, for example [DP{Nd}] or [WpL]. * A pattern such as (?&lt;RA&gt;abc)(?(R)xyz) was incorrectly compiled such that the conditional was interpreted as a reference to capturing group 1 instead of a test for recursion. Any group whose name began with R was misinterpreted in this way. (The reference interpretation should only happen if the group's name is precisely &quot;/R&quot;/.) * A number of bugs have been mended relating to match start-up optimizations when the first thing in a pattern is a positive lookahead. These all applied only when PCRE_NO_START_OPTIMIZE was *not* set: (a) A pattern such as (?=.*X)X$ was incorrectly optimized as if it needed both an initial 'X' and a following 'X'. (b) Some patterns starting with an assertion that started with .* were incorrectly optimized as having to match at the start of the subject or after a newline. There are cases where this is not true, for example, (?=.*[A-Z])(?=.{8,16})(?!.*[s]) matches after the start in lines that start with spaces. Starting .* in an assertion is no longer taken as an indication of matching at the start (or after a newline). Package polkit was updated: - CVE-2021-4034: fixed a local privilege escalation in pkexec (bsc#1194568) added CVE-2021-4034-pkexec-fix.patch - CVE-2021-3560: fixed a local privilege escalation using polkit_system_bus_name_get_creds_sync() (bsc#1186497) CVE-2021-3560.patch Package psmisc was updated: - Change patch 0001-Use-mountinfo-to-be-able-to-use-the-mount-identity.patch * Fix bsc#1185208 to make private mount namespaces work as well as to distinguish NFS mounts from same remote device share. - Remove patch bsc1185208.patch as now solved in main patch/commit - Fix for SG#60627, bsc#1185208: * bsc1185208.patch: Don't list all processes from different private namespace when fuser is run on a NFS mount. - Change patch 0001-Use-mountinfo-to-be-able-to-use-the-mount-identity.patch * Fix bsc#1178407: fuser does not show open kvm storage image files such as qcow2 files. Patch from Ali Abdallah &lt;ali.abdallah@suse.com&gt; Package python was updated: - Set correct value of %python2_package_prefix to python (as expected on SLE-12). (bsc#1175619) - Add CVE-2019-20907_tarfile-inf-loop.patch fixing bsc#1174091 (CVE-2019-20907, bpo#39017) avoiding possible infinite loop in specifically crafted tarball. Add recursion.tar as a testing tarball for the patch. - Renamed patch for assigned CVE: * bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch -&gt; CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch (boo#1189241, CVE-2021-3737) - Renamed patch for assigned CVE: * bpo43075-fix-ReDoS-in-request.patch -&gt; CVE-2021-3733-fix-ReDoS-in-request.patch (boo#1189287, CVE-2021-3733) - Fix python-doc build (bpo#35293): * sphinx-update-removed-function.patch - Update documentation formatting for Sphinx 3.0 (bpo#40204). - Add bpo43075-fix-ReDoS-in-request.patch which fixes ReDoS in request (bpo#43075, boo#1189287). - Add missing security announcement to bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch. - Add bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch which fixes http client infinite line reading (DoS) after a http 100 (bpo#44022, boo#1189241). - Modify Lib/ensurepip/__init__.py to contain the same version numbers as are in reality the ones in the bundled wheels (bsc#1187668). - Add CVE-2021-23336-only-amp-as-query-sep.patch which forbids use of semicolon as a query string separator (bpo#42967, bsc#1182379, CVE-2021-23336). - Add CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch fixing bsc#1181126 (CVE-2021-3177) buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution. - (bsc#1180125) We really don't Require python-rpm-macros package. Unnecessary dependency. - Add patch configure_PYTHON_FOR_REGEN.patch which makes configure.ac to consider the correct version of PYTHON_FO_REGEN (bsc#1078326). - Use python3-Sphinx on anything more recent than SLE-15 (inclusive). - Update to 2.7.18, final release of Python 2. Ever.: - Newline characters have been escaped when performing uu encoding to prevent them from overflowing into to content section of the encoded file. This prevents malicious or accidental modification of data during the decoding process. - Fixes a ReDoS vulnerability in `http.cookiejar`. Patch by Ben Caller. - Fixed line numbers and column offsets for AST nodes for calls without arguments in decorators. - bsc#1155094 (CVE-2019-18348) Disallow control characters in hostnames in http.client. Such potentially malicious header injection URLs now cause a InvalidURL to be raised. - Fix urllib.urlretrieve failing on subsequent ftp transfers from the same host. - Fix problems identified by GCC's -Wstringop-truncation warning. - AddRefActCtx() was needlessly being checked for failure in PC/dl_nt.c. - Prevent failure of test_relative_path in test_py_compile on macOS Catalina. - Fixed possible leak in `PyArg_Parse` and similar functions for format units &quot;/es#&quot;/ and &quot;/et#&quot;/ when the macro `PY_SSIZE_T_CLEAN` is not defined. - Remove upstreamed patches: - CVE-2019-18348-CRLF_injection_via_host_part.patch - python-2.7.14-CVE-2017-1000158.patch - CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch - CVE-2018-1061-DOS-via-regexp-difflib.patch - CVE-2019-10160-netloc-port-regression.patch - CVE-2019-16056-email-parse-addr.patch - Add CVE-2019-9674-zip-bomb.patch to improve documentation warning about dangers of zip-bombs and other security problems with zipfile library. (bsc#1162825 CVE-2019-9674) - Change to Requires: libpython%{so_version} == %{version}-%{release} to python-base to keep both packages always synchronized (add %{so_version}) (bsc#1162224). - Add CVE-2020-8492-urllib-ReDoS.patch fixing the security bug &quot;/Python urrlib allowed an HTTP server to conduct Regular Expression Denial of Service (ReDoS)&quot;/ (bsc#1162367) - Provide python-testsuite from devel subkg to ease py2-&gt;py3 dependencies - bsc#1109847 (CVE-2018-14647): add CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch fixing bpo-34623. fixing bpo-35746 (CVE-2019-5010). Package python-base was updated: - Add CVE-2019-20907_tarfile-inf-loop.patch fixing bsc#1174091 (CVE-2019-20907, bpo#39017) avoiding possible infinite loop in specifically crafted tarball. Add recursion.tar as a testing tarball for the patch. - Renamed patch for assigned CVE: * bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch -&gt; CVE-2021-3737-fix-HTTP-client-infinite-line-reading-after-a-HTTP-100-Continue.patch (boo#1189241, CVE-2021-3737) - Renamed patch for assigned CVE: * bpo43075-fix-ReDoS-in-request.patch -&gt; CVE-2021-3733-fix-ReDoS-in-request.patch (boo#1189287, CVE-2021-3733) - Fix python-doc build (bpo#35293): * sphinx-update-removed-function.patch - Update documentation formatting for Sphinx 3.0 (bpo#40204). - Add bpo43075-fix-ReDoS-in-request.patch which fixes ReDoS in request (bpo#43075, boo#1189287). - Add missing security announcement to bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch. - Add bpo44022-fix-http-client-infinite-line-reading-after-a-HTTP-100-Continue.patch which fixes http client infinite line reading (DoS) after a http 100 (bpo#44022, boo#1189241). - Modify Lib/ensurepip/__init__.py to contain the same version numbers as are in reality the ones in the bundled wheels (bsc#1187668). - Add CVE-2021-23336-only-amp-as-query-sep.patch which forbids use of semicolon as a query string separator (bpo#42967, bsc#1182379, CVE-2021-23336). - Add CVE-2021-3177-buf_ovrfl_PyCArg_repr.patch fixing bsc#1181126 (CVE-2021-3177) buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution. - (bsc#1180125) We really don't Require python-rpm-macros package. Unnecessary dependency. - Add patch configure_PYTHON_FOR_REGEN.patch which makes configure.ac to consider the correct version of PYTHON_FO_REGEN (bsc#1078326). - Use python3-Sphinx on anything more recent than SLE-15 (inclusive). - Update to 2.7.18, final release of Python 2. Ever.: - Newline characters have been escaped when performing uu encoding to prevent them from overflowing into to content section of the encoded file. This prevents malicious or accidental modification of data during the decoding process. - Fixes a ReDoS vulnerability in `http.cookiejar`. Patch by Ben Caller. - Fixed line numbers and column offsets for AST nodes for calls without arguments in decorators. - bsc#1155094 (CVE-2019-18348) Disallow control characters in hostnames in http.client. Such potentially malicious header injection URLs now cause a InvalidURL to be raised. - Fix urllib.urlretrieve failing on subsequent ftp transfers from the same host. - Fix problems identified by GCC's -Wstringop-truncation warning. - AddRefActCtx() was needlessly being checked for failure in PC/dl_nt.c. - Prevent failure of test_relative_path in test_py_compile on macOS Catalina. - Fixed possible leak in `PyArg_Parse` and similar functions for format units &quot;/es#&quot;/ and &quot;/et#&quot;/ when the macro `PY_SSIZE_T_CLEAN` is not defined. - Remove upstreamed patches: - CVE-2019-18348-CRLF_injection_via_host_part.patch - python-2.7.14-CVE-2017-1000158.patch - CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch - CVE-2018-1061-DOS-via-regexp-difflib.patch - CVE-2019-10160-netloc-port-regression.patch - CVE-2019-16056-email-parse-addr.patch - Add CVE-2019-9674-zip-bomb.patch to improve documentation warning about dangers of zip-bombs and other security problems with zipfile library. (bsc#1162825 CVE-2019-9674) - Change to Requires: libpython%{so_version} == %{version}-%{release} to python-base to keep both packages always synchronized (add %{so_version}) (bsc#1162224). - Add CVE-2020-8492-urllib-ReDoS.patch fixing the security bug &quot;/Python urrlib allowed an HTTP server to conduct Regular Expression Denial of Service (ReDoS)&quot;/ (bsc#1162367) - Provide python-testsuite from devel subkg to ease py2-&gt;py3 dependencies - bsc#1109847 (CVE-2018-14647): add CVE-2018-14647_XML_SetHashSalt-in_elementtree.patch fixing bpo-34623. fixing bpo-35746 (CVE-2019-5010). Package python-six was updated: - Update in SLE-12 (bsc#1176784, jsc#ECO-3105, jsc#PM-2352)- Fix testsuite on SLE-12 + Add python to BuildRequires for suse_version &lt; 1500 - Include in SLE-12 (FATE#326838, bsc#1113302) - build python3 subpackage (FATE#324435, bsc#1073879) - Submit 1.9.0 to SLE-12 (fate#319030, fate#318838, bsc#940812) - sanitize release line in specfile Package python3 was updated: - Add CVE-2021-3733-ReDoS-urllib-AbstractBasicAuthHandler.patch fixing ReDoS in urllib AbstractBasicAuthHandler (bsc#1189287, CVE-2021-3733, bpo#43075) - Add CVE-2021-3737-infinite-loop-on-100-Continue.patch fixing bpo-44022 (bsc#1189241, CVE-2021-3737): http.client now avoids infinitely reading potential HTTP headers after a 100 Continue status response from the server. - Reorder and better documented patches related to bpo#30458 (also, for rechecking solution for bsc#1129071). - Refresh patches: - CVE-2019-10160-netloc-port-regression.patch - CVE-2019-18348-CRLF_injection_via_host_part.patch - CVE-2019-9947-no-ctrl-char-http.patch - CVE-2020-8492-urllib-ReDoS.patch - Python-3.3.0b2-multilib.patch - python-3.6-CVE-2017-18207.patch - python3-urllib-prefer-lowercase-proxies.patch - subprocess-raise-timeout.patch - Modify Lib/ensurepip/__init__.py to contain the same version numbers as are in reality the ones in the bundled wheels (bsc#1187668). - Add CVE-2020-27619-no-eval-http-content.patch fixing CVE-2020-27619 (bsc#1178009), where Lib/test/multibytecodec_support calls eval() on content retrieved via HTTP. - Make sure to close the import_failed.map file after the exception has been raised in order to avoid ResourceWarnings when the failing import is part of a try...except block. - Add CVE-2021-23336-only-amp-as-query-sep.patch which forbids use of semicolon as a query string separator (bpo#42967, bsc#1182379, CVE-2021-23336). Package python3-base was updated: - Add CVE-2021-3733-ReDoS-urllib-AbstractBasicAuthHandler.patch fixing ReDoS in urllib AbstractBasicAuthHandler (bsc#1189287, CVE-2021-3733, bpo#43075) - Add CVE-2021-3737-infinite-loop-on-100-Continue.patch fixing bpo-44022 (bsc#1189241, CVE-2021-3737): http.client now avoids infinitely reading potential HTTP headers after a 100 Continue status response from the server. - Reorder and better documented patches related to bpo#30458 (also, for rechecking solution for bsc#1129071). - Refresh patches: - CVE-2019-10160-netloc-port-regression.patch - CVE-2019-18348-CRLF_injection_via_host_part.patch - CVE-2019-9947-no-ctrl-char-http.patch - CVE-2020-8492-urllib-ReDoS.patch - Python-3.3.0b2-multilib.patch - python-3.6-CVE-2017-18207.patch - python3-urllib-prefer-lowercase-proxies.patch - subprocess-raise-timeout.patch - Modify Lib/ensurepip/__init__.py to contain the same version numbers as are in reality the ones in the bundled wheels (bsc#1187668). - Add CVE-2020-27619-no-eval-http-content.patch fixing CVE-2020-27619 (bsc#1178009), where Lib/test/multibytecodec_support calls eval() on content retrieved via HTTP. - Make sure to close the import_failed.map file after the exception has been raised in order to avoid ResourceWarnings when the failing import is part of a try...except block. - Add CVE-2021-23336-only-amp-as-query-sep.patch which forbids use of semicolon as a query string separator (bpo#42967, bsc#1182379, CVE-2021-23336). Package release-notes-sles was updated: - 12.3.20211208 (tracked in bsc#933411)- Added note about unprivileged eBPF (jsc#DOCTEAM-433) - Added note about virtual users in vsftpd (jsc#SLE-12573) - Added note about LibreOffice 6.4 (jsc#SLE-11596) - Added note about Salt 3000 update (jsc#SLE-12830) - Added note about new kernel-firmware package (bsc#1143465) Package rsync was updated: - Fix a segmentation fault in iconv [bsc#1188258] * Add rsync-iconv-segfault.patch Package rsyslog was updated: - fix memory leak when internal messages not processed internally (bsc#1190483) * add 0001-core-bugfix-memory-leak-when-internal-messages-not-p.patch - fix memory leak in omfile (bsc#1189737) * add 0001-omfile-bugfix-file-handle-leak.patch - fix SIGSEV/SIGABRT in da-queue when using libfastjson (bsc#1187590) * add 0001-Fix-race-condition-related-to-libfastjson-when-using.patch - fix race in async writer (bsc#1179089) * add 0001-omfile-bugfix-race-file-when-async-writing-is-enable.patch Package ruby2 was updated: Add patches to fix the following CVE's: - CVE-2021-32066.patch (CVE-2021-32066): Fix StartTLS stripping vulnerability in Net:IMAP (bsc#1188160) - CVE-2021-31810.patch (CVE-2021-31810): Fix trusting FTP PASV responses vulnerability in Net:FTP (bsc#1188161) - CVE-2020-25613.patch (CVE-2020-25613): Fix potential HTTP request smuggling in WEBrick (bsc#1177125) - CVE-2021-31799.patch (CVE-2021-31799): Fix Command injection vulnerability in RDoc (bsc#1190375) Package samba was updated: - The username map [script] advice from CVE-2020-25717 advisory note has undesired side effects for the local nt token. Fallback to a SID/UID based mapping if the name based lookup fails; (bsc#1192849); (bso#14901). - CVE-2016-2124: SMB1 client connections can be downgraded to plaintext authentication (bsc#1014440); (bso#12444); - CVE-2020-25717: A user in an AD Domain could become root on domain members; (bsc#1192284); (bso#14556); - CVE-2021-20254 Buffer overrun in sids_to_unixids(); (bso#14571); (bsc#1184677). - Avoid free'ing our own pointer in memcache when memcache_trim attempts to reduce cache size; (bso#14625); (bnc#1179156). - Adjust smbcacls '--propagate-inheritance' feature to align with upstream; (bsc#1178469). Package sqlite3 was updated: - Sync version 3.36.0 from Factory to implement jsc#SLE-16032.- The following CVEs have been fixed in upstream releases up to this point, but were not mentioned in the change log so far: * bsc#1173641, CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization * bsc#1164719, CVE-2020-9327: NULL pointer dereference and segmentation fault because of generated column optimizations in isAuxiliaryVtabOperator * bsc#1160439, CVE-2019-20218: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error * bsc#1160438, CVE-2019-19959: memory-management error via ext/misc/zipfile.c involving embedded '0' input * bsc#1160309, CVE-2019-19923: improper handling of certain uses of SELECT DISTINCT in flattenSubquery may lead to null pointer dereference * bsc#1159850, CVE-2019-19924: improper error handling in sqlite3WindowRewrite() * bsc#1159847, CVE-2019-19925: improper handling of NULL pathname during an update of a ZIP archive * bsc#1159715, CVE-2019-19926: improper handling of certain errors during parsing multiSelect in select.c * bsc#1159491, CVE-2019-19880: exprListAppendList in window.c allows attackers to trigger an invalid pointer dereference * bsc#1158960, CVE-2019-19603: during handling of CREATE TABLE and CREATE VIEW statements, does not consider confusion with a shadow table name * bsc#1158959, CVE-2019-19646: pragma.c mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns * bsc#1158958, CVE-2019-19645: alter.c allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements * bsc#1158812, CVE-2019-19317: lookupName in resolve.c omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service * bsc#1157818, CVE-2019-19244: sqlite3,sqlite2,sqlite: The function sqlite3Select in select.c allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage * bsc#928701, CVE-2015-3415: sqlite3VdbeExec comparison operator vulnerability * bsc#928700, CVE-2015-3414: sqlite3,sqlite2: dequoting of collation-sequence names * CVE-2020-13434 boo#1172115: integer overflow in sqlite3_str_vappendf * CVE-2020-13630 boo#1172234: use-after-free in fts3EvalNextRow * CVE-2020-13631 boo#1172236: virtual table allowed to be renamed to one of its shadow tables * CVE-2020-13632 boo#1172240: NULL pointer dereference via crafted matchinfo() query * CVE-2020-13435: Malicious SQL statements could have crashed the process that is running SQLite (boo#1172091) - Remove the following patches from there which are all upstream: * sqlite3-CVE-2017-10989.patch * sqlite3-CVE-2017-2518.patch, * sqlite3-CVE-2018-20346.patch, * sqlite3-CVE-2018-8740.patch, * sqlite3-CVE-2019-16168.patch, * sqlite3-CVE-2019-8457.patch, * sqlite3-journal-file.patch, * sqlite3-xFetch-null.patch, * sqlite3-CVE-2016-6153.patch Package sudo was updated: - Tenable Scan reports sudo is still vulnerable to CVE-2021-3156 [bsc#1183936] Package supportutils was updated: - Changes to version 3.0.10 + Adding ethtool options g l m to network.txt (jsc#SLE-18239) + lsof options to improve performance (bsc#1186687) + Exclude rhn.conf from etc.txt (bsc#1186347) - analyzevmcore supports local directories (bsc#1186397) - getappcore checks for valid compression binary (bsc#1185991) - getappcore does not trigger errors with help message (bsc#1185993) - Additions to version 3.0.9 + prevent running 'systool -vb memory' by default on systems with 16TB or more #57 (bsc#1127734) - Additions to version 3.0.9 + Checks package signatures in rpm.txt (bsc#1021918) + Optimizing find (bsc#1184911) - Using zypper --xmlout (bsc#1181351) - Error fix for sysfs.txt (bsc#1089870) - Additions to version 3.0.9 + Added drbd information and configuration details to drbd.txt (bsc#1063765) + Added list-timers and list-jobs to systemd.txt (bsc#1169348) + nfs4 in search (bsc#1184828) - Captures rotated logs with different compression methods (bsc#1179188) - Minor wording change in text - Removed deprecated mii-tool (bsc#1043601) - Added -u for HTTPS and -a for FTPES uploads to SUSE FTP servers (bsc#1051419) Package suse-module-tools was updated: - Update to version 12.6.1: Import kernel scriptlets from kernel-source * rpm-script: fix bad exit status in OpenQA (bsc#1191922) * cert-script: Deal with existing $cert.delete file (bsc#1191804). * cert-script: Ignore kernel keyring for kernel certificates (bsc#1191480). * cert-script: Only print mokutil output in verbose mode. * inkmp-script(postun): don't pass existing files to weak-modules2 (boo#1191200) * kernel-scriptlets: skip cert scriptlet on non-UEFI systems (boo#1191260) * rpm-script: link config also into /boot (boo#1189879) * Import kernel scriptlets from kernel-source. (bsc#1189841, bsc#1190598) * Provide &quot;/suse-kernel-rpm-scriptlets&quot;/ Package systemd was updated: - Added 1001-basic-unit-name-do-not-use-strdupa-on-a-path.patch (CVE-2021-33910 bsc#1188063) This patch will be moved to the git repo once the bug will become public. - Import commit 45e55ba407af6c95bb31ee6274a410221b270631 7ee5d00c35 mount-util: shorten the loop a bit (#7545) d11f9ecd26 mount-util: do not use the official MAX_HANDLE_SZ (#7523) 061ad6d042 mount-util: tape over name_to_handle_at() flakiness (#7517) (bsc#1184761) a3b6ac5b16 mount-util: fix bad indenting 2f1216da61 mount-util: EOVERFLOW might have other causes than buffer size issues 6aad8e1164 mount-util: fix error propagation in fd_fdinfo_mnt_id() 7f212aaf82 mount-util: drop exponential buffer growing in name_to_handle_at_loop() 575cd1cd59 udev: port udev_has_devtmpfs() to use path_get_mnt_id() 6e640e0f72 mount-util: add new path_get_mnt_id() call that queries the mnt ID of a path f897e6fa6b mount-util: add name_to_handle_at_loop() wrapper around name_to_handle_at() 9a99b8e39b mount-util: accept that name_to_handle_at() might fail with EPERM (#5499) 2d37137b9a basic: fallback to the fstat if we don't have access to the /proc/self/fdinfo - Import commit e41f1650e7f69f44569d5b27a7ca27b69b162792 514ffd3db7 sysusers: use the usual comment style 5aa120f089 test/TEST-21-SYSUSERS: add tests for new functionality 8e55e98aae sysusers: allow admin/runtime overrides to command-line config dca71da06a basic/strv: add function to insert items at position 0b0c80f431 sysusers: allow the shell to be specified 57cf9a6680 sysusers: move various user credential validity checks to src/basic/ cece58038d man: reformat table in sysusers.d(5) 579642f528 sysusers: take configuration as positional arguments c3b02cbec6 sysusers: emit a bit more info at debug level when locking fails e1beaac365 sysusers: allow force reusing existing user/group IDs (#8037) c4dc42a352 sysusers: ensure GID in uid:gid syntax exists 7a55d8caf3 sysusers: make ADD_GROUP always create a group 895392a9a4 test: add TEST-21-SYSUSERS test 753dc29ca0 sysuser: use OrderedHashmap 5275d4e204 sysusers: allow uid:gid in sysusers.conf files a15c051441 sysusers: fix memleak (#4430) These commits implement the option '--replace' for systemd-sysusers so %sysusers_create_package can be introduced in SLE and packages can rely on this rpm macro without wondering whether the macro is available on the different target the package is submitted to. - Expect 644 permissions for /usr/lib/udev/compat-symlink-generation (bsc#1185807) - Import commit 29b66d7e01845caec85e303e784ba216918715c1 b06adcab32 systemctl: add --value option e1f9d7b8f0 execute: make sure to call into PAM after initializing resource limits (bsc#1184967) d2396ab8b7 rlimit-util: introduce setrlimit_closest_all() d1e0854de9 system-conf: drop reference to ShutdownWatchdogUsec= 91110a7331 core: rename ShutdownWatchdogSec to RebootWatchdogSec (bsc#1185331) b249d10eb5 Return -EAGAIN instead of -EALREADY from unit_reload (bsc#1185046) - Import commit 0c74cd4d58ef31f346e1edb1be7692d61961897c 611376f830 rules: don't ignore Xen virtual interfaces anymore (bsc#1178561) 65f4fa852e write_net_rules: set execute bits (bsc#1178561) f60153e565 udev: rework network device renaming df31eb968a Revert &quot;/Revert &quot;/udev: network device renaming - immediately give up if the target name isn't available&quot;/&quot;/ - Import commit d7219f1b222f5ca3ff58701d413bf09fe8ce2e82 (bsc#1183790) b66e9a5e5a service: go through stop_post on failure (#4770) 8d4001767f service: only fail notify services on empty cgroup during start 322324c5e6 service: fix main processes exit behavior for type notify services fdb06bc393 service: introduce protocol error type 1a94e63978 core: when a service's ExecStartPre= times out, skip ExecStop= - Import commit fadcac5bb458e57306bd370995938af4c7ea05f8 832c6d3161 shutdown: bump kmsg log level to LOG_WARNING only 77fa130932 shutdown: rework bump_sysctl_printk_log_level() to use sysctl_writef() 17e2859d11 sysctl: add sysctl_writef() helper 0826c7395e shutdown: use &quot;/int&quot;/ for log level type d3345e5d0d killall: bump log message about unkilled processes to LOG_WARNING 408ad0aeed core/killall: Log the process names not killed after 10s 235fb3716f shutdown: Bump sysctl kernel.printk log level in order to see info msg 816497776a core/killall: Propagate errors and return the number of process left ea84ca6f13 shutdown: always pass errno to logging functions 28de6884a5 umount: beef up logging when umount/remount child processes fail 7954277e26 umount: Try unmounting even if remounting read-only failed 3e1b1be184 core: Implement sync_with_progress() (bsc#1178219) 748da3e5c7 core: Implement timeout based umount/remount limit (bsc#1178219) 705b3d7618 core: remove &quot;/misuse&quot;/ of getpgid() in systemd-shutdown 573617ed8a core: systemd-shutdown: avoid confusingly redundant messages f07ddb30ad core: systemd-shutdown: add missing check for umount_changed 016365166a umount: always use MNT_FORCE in umount_all() (#7213) f831b68e56 pid1: improve logging when failing to remount / ro (#5940) 4d1bbd1bc1 signal-util: use a slightly less likely to conflict variable name instead of 't' 447ed76ff9 shutdown: already sync IO before we enter the final killing spree 0a80b4a9ac shutdown: use (void) 8428aa0e6d shutdown: use 90s SIGKILL timeout 5cbaf621ca basic: mark unused variable as such a320b497db nss: block various signals while running NSS lookups 87b294baa5 core: free m-&gt;deserialized_subscribed on daemon-reexec 0ba5127071 PATCH] Always free deserialized_subscribed on reload (bsc#1180020) A bunch of commits which should improve the logs emitted by systemd-shutdown during the shutdown process when some badly written applications cannot be stopped properly and prevents some mount points to be unmounted properly. See bsc#1178219 for an example of such case. - Don't use shell redirections when calling a rpm macro (bsc#1183094) It's broken since the redirection is expanded where the parameters of the macro are, which can be anywhere in the body of macro. - systemd requires aaa_base &gt;= 13.2 This dependency is required because 'systemctl {is-enabled,enable,disable} &lt;initscript&gt;&quot;/ ends up calling systemd-sysv-install which in its turn calls &quot;/chkconfig - -no-systemctl&quot;/. aaa_base package has a weird versioning but the '--no-systemctl' option has been introduced starting from SLE12-SP2-GA, which shipped version &quot;/13.2+git20140911.61c1681&quot;/. Spotted in bsc#1180083. - Import commit 4eae068097b42f2fd2a942e637e91ba3c12b37af 386e85dcd3 core: Fix edge case when processing /proc/self/mountinfo (#7811) (bsc#1180596) 7be6e949dc udev: create /dev/disk/by-label symlink for LUKS2 (#8998) (bsc#1180885) 3bce298616 core: fix memory leak on reload (bsc#1180020) b24b36d76c journal: do not trigger assertion when journal_file_close() get NULL (bsc#1179824) 703c08e0ae udev: Fix sound.target dependency (bsc#1179363) 07dc6d987d rules: enable hardware-related targets also for user instances 5cfed8b620 scope: on unified, make sure to unwatch all PIDs once they've been moved to the cgroup scope 2710a4be38 core: serialize u-&gt;pids until the processes have been moved to the scope cgroup (bsc#1174436) d3b81a8940 core: make sure RequestStop signal is send directed bbe11f8400 time-util: treat /etc/localtime missing as UTC (bsc#1141597) Package tar was updated: - security update- added patches fix CVE-2021-20193 [bsc#1181131], Memory leak in read_header() in list.c + tar-CVE-2021-20193.patch Package tcsh was updated: - Modify patch tcsh-6.18.01-toolong.patch to avoid to be oom killed by broken history files (bsc#1192472) - Add patch tcsh-6.18.01-toolong.patch which is an upstream commit ported back to 6.18.01 to fix bsc#1179316 about history file growing Package telnet was updated: - Update Source location to use Gentoo mirror, fixes bsc#1129925- spec-cleaner used for cleaning the specfile up - url was repaired Package timezone was updated: - timezone update 2021e (bsc#1177460): * Palestine will fall back 10-29 (not 10-30) at 01:00 - timezone update 2021d: * Fiji suspends DST for the 2021/2022 season * 'zic -r' marks unspecified timestamps with &quot;/-00&quot;/ - timezone update 2021c: * Revert almost all of 2021b's changes to the 'backward' file * Fix a bug in 'zic -b fat' that caused old timestamps to be mishandled in 32-bit-only readers - timezone update 2021b: * Jordan now starts DST on February's last Thursday. * Samoa no longer observes DST. * Move some backward-compatibility links to 'backward'. * Rename Pacific/Enderbury to Pacific/Kanton. * Correct many pre-1993 transitions in Malawi, Portugal, etc. * zic now creates each output file or link atomically. * zic -L no longer omits the POSIX TZ string in its output. * zic fixes for truncation and leap second table expiration. * zic now follows POSIX for TZ strings using all-year DST. * Fix some localtime crashes and bugs in obscure cases. * zdump -v now outputs more-useful boundary cases. * tzfile.5 better matches a draft successor to RFC 8536. - Refresh tzdata-china.patch - Install tzdata.zi (bsc#1188127) Package util-linux was updated: - ipcutils: Avoid potential memory allocation overflow (bsc#1188921, CVE-2021-37600, util-linux-ipcutils-overflow-CVE-2021-37600.patch). - Fix ipcs testsuite (bsc#1178236#c19, util-linux-ipcs-shmall-overflow-ts.patch). - ipcs: Avoid overflows (bsc#1178236, util-linux-ipcs-shmall-overflow-1.patch, util-linux-ipcs-shmall-overflow-2.patch). - libblkid: Do not trigger CDROM autoclose (bsc#1084671, util-linux-libblkid-cdrom-autoclose-1.patch, util-linux-libblkid-cdrom-autoclose-2.patch, util-linux-libblkid-cdrom-autoclose-3.patch). - Modernize patch util-linux-sulogin4bsc1175514.patch * Try to autoconfigure broken serial lines - Add patch util-linux-sulogin4bsc1175514.patch Avoid sulogin failing on not existing or not functional console devices (bsc#1175514) - Build with libudev support to support non-root users (boo#1169006). - lscpu: avoid segfault on PowerPC systems with valid hardware configurations (bsc#1175623, bsc#1178554, bsc#1178825, lscpu-avoid-segfault-on-PowerPC-systems-with-valid-h.patch) - Fix for SG#57988, bsc#1174942: libmount-fix-mount-a-EBUSY-for-cifs.patch: Fix warning on mounts to CIFS with mount –a. - blockdev: Do not fail --report on kpartx-style partitions on multipath (bsc#1168235, util-linux-blockdev-report-dm.patch). - nologin: Add support for -c to prevent error from su -c (bsc#1151708, util-linux-nologin-su-c.patch). - Add libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch: Avoid triggering autofs in lookup_umount_fs_by_statfs (boo#1168389) - Issue a warning for outdated pam files (bsc#1082293, boo#1081947#c68). - Do not skip trim of file systems with bind mounts (boo1089529, util-linux-fstrim-a-bindmount.patch). - Do not trim read-only volumes (boo#1106214, util-linux-fstrim-RO.patch). - libmount: To prevent incorrect behavior, recognize more pseudofs and netfs (bsc#1122417, util-linux-libmount-pseudofs.patch). - Fix license of libraries: LGPL-2.1-or-later and BSD-3-Clause for libuuid (bsc#1135708). - raw.service: Add RemainAfterExit=yes (bsc#1135534). - agetty: Reload issue only if it is really needed (bsc#1085196, util-linux-agetty-smart-reload-01.patch, util-linux-agetty-smart-reload-02.patch, util-linux-agetty-smart-reload-03.patch, util-linux-agetty-smart-reload-04.patch, util-linux-agetty-smart-reload-05.patch, util-linux-agetty-smart-reload-06.patch, util-linux-agetty-smart-reload-07.patch, util-linux-agetty-smart-reload-08.patch, util-linux-agetty-smart-reload-09.patch, util-linux-agetty-smart-reload-10.patch, util-linux-agetty-smart-reload-11.patch, util-linux-agetty-smart-reload-12.patch). - agetty: Return previous response of agetty for special characters (bsc#1085196, bsc#1125886, util-linux-agetty-smart-reload-13.patch, util-linux-agetty-smart-reload-14.patch). - agetty BEHAVIOR CHANGE: Terminal switches to character mode when entering logname; echo is generated by the agetty itself. (In past, logname echo was generated locally by the terminal, using the canonical line editing mode.) Package util-linux-systemd was updated: - ipcutils: Avoid potential memory allocation overflow (bsc#1188921, CVE-2021-37600, util-linux-ipcutils-overflow-CVE-2021-37600.patch). - Fix ipcs testsuite (bsc#1178236#c19, util-linux-ipcs-shmall-overflow-ts.patch). - ipcs: Avoid overflows (bsc#1178236, util-linux-ipcs-shmall-overflow-1.patch, util-linux-ipcs-shmall-overflow-2.patch). - libblkid: Do not trigger CDROM autoclose (bsc#1084671, util-linux-libblkid-cdrom-autoclose-1.patch, util-linux-libblkid-cdrom-autoclose-2.patch, util-linux-libblkid-cdrom-autoclose-3.patch). - Modernize patch util-linux-sulogin4bsc1175514.patch * Try to autoconfigure broken serial lines - Add patch util-linux-sulogin4bsc1175514.patch Avoid sulogin failing on not existing or not functional console devices (bsc#1175514) - Build with libudev support to support non-root users (boo#1169006). - lscpu: avoid segfault on PowerPC systems with valid hardware configurations (bsc#1175623, bsc#1178554, bsc#1178825, lscpu-avoid-segfault-on-PowerPC-systems-with-valid-h.patch) - Fix for SG#57988, bsc#1174942: libmount-fix-mount-a-EBUSY-for-cifs.patch: Fix warning on mounts to CIFS with mount –a. - blockdev: Do not fail --report on kpartx-style partitions on multipath (bsc#1168235, util-linux-blockdev-report-dm.patch). - nologin: Add support for -c to prevent error from su -c (bsc#1151708, util-linux-nologin-su-c.patch). - Add libmount-Avoid-triggering-autofs-in-lookup_umount_fs.patch: Avoid triggering autofs in lookup_umount_fs_by_statfs (boo#1168389) - Issue a warning for outdated pam files (bsc#1082293, boo#1081947#c68). - Do not skip trim of file systems with bind mounts (boo1089529, util-linux-fstrim-a-bindmount.patch). - Do not trim read-only volumes (boo#1106214, util-linux-fstrim-RO.patch). - libmount: To prevent incorrect behavior, recognize more pseudofs and netfs (bsc#1122417, util-linux-libmount-pseudofs.patch). - Fix license of libraries: LGPL-2.1-or-later and BSD-3-Clause for libuuid (bsc#1135708). - raw.service: Add RemainAfterExit=yes (bsc#1135534). - agetty: Reload issue only if it is really needed (bsc#1085196, util-linux-agetty-smart-reload-01.patch, util-linux-agetty-smart-reload-02.patch, util-linux-agetty-smart-reload-03.patch, util-linux-agetty-smart-reload-04.patch, util-linux-agetty-smart-reload-05.patch, util-linux-agetty-smart-reload-06.patch, util-linux-agetty-smart-reload-07.patch, util-linux-agetty-smart-reload-08.patch, util-linux-agetty-smart-reload-09.patch, util-linux-agetty-smart-reload-10.patch, util-linux-agetty-smart-reload-11.patch, util-linux-agetty-smart-reload-12.patch). - agetty: Return previous response of agetty for special characters (bsc#1085196, bsc#1125886, util-linux-agetty-smart-reload-13.patch, util-linux-agetty-smart-reload-14.patch). - agetty BEHAVIOR CHANGE: Terminal switches to character mode when entering logname; echo is generated by the agetty itself. (In past, logname echo was generated locally by the terminal, using the canonical line editing mode.) Package xfsprogs was updated: - mkfs: don't treat files as though they are block devices (bsc#1186054) * add xfsprogs-mkfs-don-t-treat-files-as-though-they-are-block-devi.patch Package yast2 was updated: - Do not use the 'installation-helper' binary to create snapshots during installation or offline upgrade (bsc#1180142). - Add a new exception to properly handle exceptions when reading/writing snapshots numbers (related to bsc#1180142). - save_y2logs: save kernel messages and udev log (snwint@suse.de). Related to bsc#1089647 and bsc#1085212. - 3.2.46.2 Package yast2-installation was updated: - Do not crash when it is not possible to create a snapshot after installing or upgrading the system (bsc#1180142). - 3.2.57.1 Package yast2-pkg-bindings was updated: - Pkg.ProvidePackage() - download the latest package version from the repository, this ensures that the installer is updated with the latest packages from the installer updates repository (bsc#1185240) - 3.2.5.1 - Fixed Pkg.ExpandedUrl to return also the password part of the URL (bsc#1067007) - 3.2.5 Package yast2-update was updated: - Do not rely on the 'installation-helper' binary to create snapshots after installation or offline upgrade (bsc#1180142). - Do not crash when it is not possible to create a snapshot before upgrading the system (related to bsc#1180142). - 3.2.2.1 Package zsh was updated: - Add CVE-2018-0502_CVE-2018-13259.patch. Fixes CVE-2018-0502 and CVE-2018-13259 (bsc#1107296 and bsc#1107294). Package zypper was updated: - Add support for PTFs (jsc#SLE-17974)- version 1.13.60 - man: point out more clearly that patches update affected packages to the latest available version (bsc#1187466) - version 1.13.59 The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://publiccloudimagechangeinfo.suse.com/google/sles-12-sp3-byos-v20220126/ Public Cloud Image Info https://www.suse.com/support/security/rating/ SUSE Security Ratings Public Cloud Image google/sles-12-sp3-byos-v20220126 SUSEConnect-0.3.32-3.49.1 SuSEfirewall2-3.6.312.333-3.13.1 aaa_base-13.2+git20140911.61c1681-38.22.1 acl-2.2.52-7.3.1 at-3.1.14-8.9.1 at-spi2-core-2.20.2-14.3.1 attr-2.4.47-3.143 audit-2.8.1-8.8.1 augeas-1.2.0-17.3.1 augeas-lenses-1.2.0-17.3.1 autofs-5.0.9-28.15.1 autoyast2-installation-3.2.32.5-2.45.1 bash-4.3-83.29.1 bc-1.06.95-6.56 bind-libs-9.9.9P1-63.31.1 bind-utils-9.9.9P1-63.31.1 binutils-2.37-9.44.1 blktrace-1.0.5-8.5.74 blog-2.19-4.3.2 boost-license1_54_0-1.54.0-26.9.1 ca-certificates-1201403302107-6.2 ca-certificates-mozilla-2.44-12.34.1 cifs-utils-6.9-9.15.1 cloud-netconfig-gce-1.6-24.1 command-not-found-0.1.0-57.8 coreutils-8.25-13.10.1 cpio-2.11-36.15.1 cracklib-2.9.0-8.5.1 cracklib-dict-small-2.9.0-8.5.1 crash-7.1.8-4.15.6 cron-4.2-59.16.1 cronie-1.4.11-59.16.1 cryptconfig-0.3-92.14 cryptsetup-1.6.4-4.1 cups-libs-1.7.5-20.36.1 curl-7.37.0-37.70.1 cyrus-sasl-2.1.26-8.13.1 cyrus-sasl-digestmd5-2.1.26-8.13.1 cyrus-sasl-gssapi-2.1.26-8.13.1 cyrus-sasl-plain-2.1.26-8.13.1 cyrus-sasl-saslauthd-2.1.26-8.7.1 dbus-1-1.8.22-29.21.1 dbus-1-x11-1.8.22-29.21.1 dejavu-fonts-2.34-3.189 deltarpm-3.6.1-5.1 device-mapper-1.02.97-78.16.1 dhcp-4.3.3-10.22.1 dhcp-client-4.3.3-10.22.1 diffutils-3.3-5.4 dirmngr-1.1.1-13.1 dmidecode-3.0-10.3.1 dos2unix-6.0.4-1.133 dosfstools-3.0.26-6.5 dracut-44.2-114.28.1 e2fsprogs-1.42.11-16.6.1 elfutils-0.158-7.13.3 ethtool-4.5-11.7 expat-2.1.0-21.12.1 expect-5.45-18.56 fd0ssh-20140325-1.13 fdupes-1.61-7.1 file-5.22-10.21.1 file-magic-5.22-10.21.1 filesystem-13.1-14.15 fillup-1.42-270.64 findutils-4.5.12-7.1 fipscheck-1.2.0-9.3 fontconfig-2.11.1-7.1 fonts-config-20180430-6.8.1 fping-3.5-5.3.1 gamin-server-0.1.10-11.19 gawk-4.1.0-3.663 gettext-runtime-0.19.2-3.3.6 gio-branding-upstream-2.48.2-12.22.1 glibc-2.22-116.1 glibc-i18ndata-2.22-116.1 glibc-locale-2.22-116.1 google-guest-agent-20210414.0-1.20.1 google-guest-configs-20210317.0-1.11.1 google-guest-oslogin-20210728.0-1.20.1 google-opensans-fonts-1.0-9.128 google-osconfig-agent-20210506.0-1.11.1 gpg2-2.0.24-9.8.1 gptfdisk-0.8.8-1.38 grep-2.16-4.6.1 groff-1.22.2-7.3.1 growpart-0.31-4.14.2 growpart-rootgrow-1.0.3-1.6.1 grub2-2.02-132.1 grub2-i386-pc-2.02-132.1 gzip-1.6-9.3.1 hardlink-1.0-6.45 haveged-1.9.1-16.1 hwinfo-21.63-2.17.1 icmpinfo-1.11-710.63 info-4.13a-37.229 initviocons-0.5-101.62 insserv-compat-0.1-14.3.1 iproute2-4.4-15.6.25 iptables-1.4.21-6.1 iputils-s20121221-2.19 irqbalance-1.1.0-9.9.1 iscsiuio-0.7.8.2-53.31.1 kbd-2.0.4-8.10.2 kbd-legacy-2.0.4-8.10.2 kdump-0.8.16-7.28.1 kernel-default-4.4.180-94.150.1 kexec-tools-2.0.12-23.3.5 keyutils-1.5.9-3.29 klogd-1.4.1-778.1 kmod-17-9.12.1 kmod-compat-17-9.12.1 krb5-1.12.5-40.40.2 krb5-client-1.12.5-40.40.2 ksh-93vu-18.1 less-458-7.6.1 libHX28-3.18-1.19 libX11-6-1.6.2-12.21.1 libX11-data-1.6.2-12.21.1 libXau6-1.0.8-4.58 libXext6-1.3.2-4.3.1 libXtst6-1.2.2-7.1 libacl1-2.2.52-7.3.1 libadns1-1.4-103.3.1 libaio1-0.3.109-17.15 libapparmor1-2.8.2-51.27.1 libasm1-0.158-7.13.3 libassuan0-2.1.1-3.217 libatspi0-2.20.2-14.3.1 libattr1-2.4.47-3.143 libaudit1-2.8.1-8.8.1 libaugeas0-1.2.0-17.3.1 libauparse0-2.8.1-8.8.1 libavahi-client3-0.6.32-32.15.1 libavahi-common3-0.6.32-32.15.1 libblkid1-2.29.2-3.24.1 libboost_regex1_54_0-1.54.0-26.9.1 libbz2-1-1.0.6-30.14.1 libcamgm100-1.0.7-1.4 libcap-ng0-0.7.3-4.125 libcap2-2.26-14.6.1 libcom_err2-1.42.11-16.6.1 libcrack2-2.9.0-8.5.1 libcroco-0_6-3-0.6.11-12.3.1 libcryptmount0-2.14-5.3.1 libcryptsetup4-1.6.4-4.1 libcurl4-7.37.0-37.70.1 libdb-4_8-4.8.30-29.6 libdbus-1-3-1.8.22-29.21.1 libdcerpc-binding0-4.6.16+git.313.502515a5bfc-3.67.2 libdcerpc0-4.6.16+git.313.502515a5bfc-3.67.2 libdw1-0.158-7.13.3 libebl1-0.158-7.13.3 libedit0-3.1.snap20140620-1.13 libelf1-0.158-7.13.3 libesmtp-1.0.6-17.3.1 libestr0-0.1.9-1.54 libevent-2_0-5-2.0.21-6.3.1 libexpat1-2.1.0-21.12.1 libext2fs2-1.42.11-16.6.1 libfam0-gamin-0.1.10-11.25 libfastjson4-0.99.4-1.14 libfdisk1-2.29.2-3.24.1 libffi4-5.3.1+r233831-12.1 libfipscheck1-1.2.0-9.3 libfreetype6-2.6.3-7.18.1 libfuse2-2.9.3-6.3.1 libgcc_s1-11.2.1+git610-1.3.2 libgcrypt20-1.6.1-16.80.1 libgdbm4-1.1-9.7 libgio-2_0-0-2.48.2-12.22.1 libglib-2_0-0-2.48.2-12.22.1 libgmodule-2_0-0-2.48.2-12.22.1 libgmp10-5.1.3-4.3.1 libgobject-2_0-0-2.48.2-12.22.1 libgpg-error0-1.13-1.79 libhavege1-1.9.1-16.1 libicu52_1-52.1-8.10.1 libicu52_1-data-52.1-8.10.1 libidn11-1.28-5.6.1 libiptc0-1.4.21-6.1 libjson-c2-0.11-2.22 libkeyutils1-1.5.9-3.29 libkmod2-17-9.12.1 libksba8-1.3.0-23.1 libldap-2_4-2-2.4.41-18.86.1 libldapcpp1-0.3.1-4.75 libldb1-1.1.29-3.8.1 liblockdev1-1.0.3_git201003141408-27.1 liblogging0-1.0.4-1.6 liblua5_1-5.1.5-8.3.1 liblzma5-5.0.5-6.3.1 liblzo2-2-2.08-1.13 libmagic1-5.22-10.21.1 libmnl0-1.0.3-9.18 libmodman1-2.0.1-15.75 libmount1-2.29.2-3.24.1 libmozjs-17_0-17.0-13.2 libncurses5-5.9-75.1 libncurses6-5.9-75.1 libndr-krb5pac0-4.6.16+git.313.502515a5bfc-3.67.2 libndr-nbt0-4.6.16+git.313.502515a5bfc-3.67.2 libndr-standard0-4.6.16+git.313.502515a5bfc-3.67.2 libndr0-4.6.16+git.313.502515a5bfc-3.67.2 libnetapi0-4.6.16+git.313.502515a5bfc-3.67.2 libnetfilter_conntrack3-1.0.4-3.6 libnettle4-2.7.1-13.6.1 libnfnetlink0-1.0.1-6.58 libnl-config-3.2.23-4.4.6 libnl1-1.1.4-4.21 libnl3-200-3.2.23-4.4.6 libnuma1-2.0.9-9.1 libopeniscsiusr0_2_0-2.0.876-53.31.1 libopenssl1_0_0-1.0.2j-60.72.2 libp11-kit0-0.20.7-3.6.1 libparted0-3.1-35.6.1 libpcap1-1.8.1-10.3.1 libpci3-3.2.1-11.3.1 libpcre1-8.45-8.7.1 libpipeline1-1.2.6-1.2 libpng16-16-1.6.8-15.5.2 libpolkit0-0.113-5.24.1 libpopt0-1.16-26.128 libprocps3-3.3.9-11.24.1 libproxy1-0.4.13-18.3.1 libpth20-2.0.7-140.1 libpython2_7-1_0-2.7.18-28.77.1 libpython3_4m1_0-3.4.10-25.80.2 libqrencode3-3.4.3-1.31 libreadline6-6.3-83.29.1 libruby2_1-2_1-2.1.9-19.6.1 libsamba-credentials0-4.6.16+git.313.502515a5bfc-3.67.2 libsamba-errors0-4.6.16+git.313.502515a5bfc-3.67.2 libsamba-hostconfig0-4.6.16+git.313.502515a5bfc-3.67.2 libsamba-passdb0-4.6.16+git.313.502515a5bfc-3.67.2 libsamba-util0-4.6.16+git.313.502515a5bfc-3.67.2 libsamdb0-4.6.16+git.313.502515a5bfc-3.67.2 libsasl2-3-2.1.26-8.13.1 libseccomp2-2.4.1-11.3.2 libselinux1-2.5-8.79 libsemanage1-2.5-9.3.1 libsepol1-2.5-3.143 libsgutils2-2-1.43+46.4b09c76-16.26.1 libsmartcols1-2.29.2-3.24.1 libsmbconf0-4.6.16+git.313.502515a5bfc-3.67.2 libsmbldap0-4.6.16+git.313.502515a5bfc-3.67.2 libsmi-0.4.8-18.63 libsmi2-0.4.8-18.63 libsnappy1-1.1.3-1.2 libsolv-tools-0.6.38-2.36.4 libsqlite3-0-3.36.0-9.18.1 libssh2-1-1.4.3-20.14.1 libstdc++6-11.2.1+git610-1.3.2 libstorage-ruby-2.26.12.2-3.3.2 libstorage7-2.26.12.2-3.3.2 libsystemd0-228-150.98.1 libtalloc2-2.1.10-3.3.2 libtasn1-4.9-3.10.1 libtasn1-6-4.9-3.10.1 libtdb1-1.3.12-3.3.1 libtevent-util0-4.6.16+git.313.502515a5bfc-3.67.2 libtevent0-0.9.34-3.6.1 libtirpc-netconfig-1.0.1-17.13.1 libtirpc1-0.2.3-20.5 libtirpc3-1.0.1-17.13.1 libudev1-228-150.98.1 libunwind-1.1-11.3.1 libusb-0_1-4-0.1.13-29.13 libusb-1_0-0-1.0.20-5.3 libustr-1_0-1-1.0.4-31.197 libutempter0-1.1.6-5.114 libuuid1-2.29.2-3.24.1 libverto1-0.2.6-3.2.2 libwbclient0-4.6.16+git.313.502515a5bfc-3.67.2 libwrap0-7.6-886.3 libx86emu1-1.11-1.7 libxcb1-1.1-4.5.1 libxml2-2-2.9.4-46.46.1 libxtables10-1.4.21-6.1 libyaml-0-2-0.1.6-7.1 libyui-ncurses-pkg7-2.48.4.1-3.3.15 libyui-ncurses7-2.48.2-1.17 libyui7-3.2.9-1.3 libz1-1.2.8-12.3.1 libzio1-1.0-9.188 libzypp-16.22.3-33.1 lio-utils-4.1-17.9.1 lockdev-1.0.3_git201003141408-27.1 logrotate-3.11.0-2.17.1 lsof-4.89-27.5.1 lsscsi-0.29-7.3.1 lvm2-2.02.120-78.16.1 makedumpfile-1.6.1-3.9.1 man-2.6.6-4.3.1 man-pages-4.02-6.6.1 mozilla-nspr-4.32-19.18.1 mozilla-nss-certs-3.68.2-58.60.1 ncurses-utils-5.9-75.1 net-tools-1.6-765.5.4 netcat-openbsd-1.89-92.3.1 netcfg-11.5-29.1 nfs-client-1.3.0-34.31.1 nfs-kernel-server-1.3.0-34.31.1 nfsidmap-0.25-7.3.1 nscd-2.22-116.1 ntp-4.2.8p15-97.1 ofl-20140325-1.13 open-iscsi-2.0.876-53.31.1 openldap2-client-2.4.41-18.86.1 openslp-2.0.0-18.23.1 openssh-7.2p2-74.60.1 openssl-1.0.2j-60.72.2 opie-2.4-724.65 p11-kit-0.20.7-3.6.1 p11-kit-tools-0.20.7-3.6.1 pam-1.1.8-24.49.1 pam-config-0.89-5.3.2 pam-modules-12.1-25.4.5 pam_mount-2.14-5.3.1 parted-3.1-35.6.1 patterns-sles-Minimal-12-79.3.3 pciutils-3.2.1-11.3.1 pciutils-ids-2019.08.30-12.6.1 perl-5.18.2-12.23.1 perl-Bit-Vector-7.3-3.171 perl-Bootloader-0.923-3.9.1 perl-Carp-Clan-6.04-23.11 perl-Config-Crontab-1.33-8.19 perl-Config-IniFiles-2.82-3.14 perl-Crypt-SmbHash-0.12-156.12 perl-Date-Calc-6.3-25.1 perl-Digest-HMAC-1.03-18.16 perl-Digest-MD4-1.9-3.203 perl-Digest-SHA1-2.13-17.216 perl-List-MoreUtils-0.33-7.63 perl-Net-DNS-0.73-4.1 perl-Parse-RecDescent-1.967009-7.19 perl-Sub-Uplevel-0.240.0-11.19 perl-Test-Exception-0.32-3.14 perl-URI-1.6-7.19 perl-X500-DN-0.29-106.14 perl-XML-LibXML-2.0019-6.3.5 perl-XML-NamespaceSupport-1.11-21.13 perl-XML-Parser-2.41-21.14 perl-XML-SAX-0.99-22.8 perl-XML-SAX-Base-1.08-8.2 perl-XML-SAX-Expat-0.5-3.8 perl-XML-Simple-2.2-4.2 perl-XML-Writer-0.623-3.19 perl-base-5.18.2-12.23.1 perl-camgm-1.0.7-1.4 perl-gettext-1.05-163.126 permissions-2015.09.28.1626-17.27.1 pigz-2.3-5.1 pinentry-0.8.3-4.27 pkg-config-0.28-6.98 polkit-0.113-5.24.1 polkit-default-privs-13.2-22.9.1 prctl-1.5-17.61 procinfo-18-221.3.1 procps-3.3.9-11.24.1 psmisc-22.21-6.19.1 python-2.7.18-28.77.1 python-base-2.7.18-28.77.1 python-solv-0.6.38-2.36.4 python-talloc-2.1.10-3.3.2 python-xml-2.7.18-28.77.1 python3-3.4.10-25.80.2 python3-base-3.4.10-25.80.2 python3-gcemetadata-1.0.4-2.5.1 python3-packaging-17.1-2.7.1 python3-pyparsing-2.2.0-3.3.1 python3-setuptools-40.6.2-4.18.1 python3-six-1.14.0-13.6.1 quota-4.05-6.3.1 recode-3.6-663.62 release-notes-sles-12.3.20211208-2.27.1 rpcbind-0.2.3-24.9.1 rpm-4.11.2-16.21.1 rpm-python-4.11.2-16.21.1 rsh-0.17-731.12 rsync-3.1.0-13.16.1 rsyslog-8.24.0-3.55.1 ruby-2.1-1.6 ruby-common-2.1-19.1 ruby2.1-2.1.9-19.6.1 ruby2.1-rubygem-abstract_method-1.2.1-4.1 ruby2.1-rubygem-cfa-0.6.1-1.9 ruby2.1-rubygem-cfa_grub2-0.6.5-3.7.2 ruby2.1-rubygem-cheetah-0.5.0-4.1 ruby2.1-rubygem-fast_gettext-0.9.2-1.1 ruby2.1-rubygem-gem2rpm-0.10.1-4.1 ruby2.1-rubygem-ruby-augeas-0.5.0-1.4 ruby2.1-rubygem-ruby-dbus-0.9.3-3.6 ruby2.1-stdlib-2.1.9-19.6.1 samba-libs-4.6.16+git.313.502515a5bfc-3.67.2 scout-0.1.0-57.8 screen-4.0.4-23.6.1 sed-4.2.2-7.3.1 sg3_utils-1.43+46.4b09c76-16.26.1 shadow-4.2.1-27.19.1 shared-mime-info-1.6-11.3 sles-manuals_en-12.3-6.3.3 sles-release-12.3-4.3.1 strace-4.1-3.1 sudo-1.8.20p2-3.23.1 supportutils-3.0.10-95.48.1 supportutils-plugin-suse-public-cloud-1.0.5-6.10.1 suse-build-key-12.0-7.12.1 suse-module-tools-12.6.1-27.6.1 sysconfig-0.84.0-13.1 sysconfig-netconfig-0.84.0-13.1 sysfsutils-2.1.0-153.3.1 syslog-service-2.0-778.1 systemd-228-150.98.1 systemd-presets-branding-SLE-12.2-4.3.1 systemd-sysvinit-228-150.98.1 sysvinit-tools-2.88+-101.3.1 tar-1.27.1-15.9.1 tcl-8.6.7-3.3.3 tcpd-7.6-886.3 tcpdump-4.9.2-14.17.1 tcsh-6.18.01-8.20.1 telnet-1.2-167.7.1 terminfo-5.9-75.1 terminfo-base-5.9-75.1 timezone-2021e-74.55.1 udev-228-150.98.1 unzip-6.0-33.13.3 update-alternatives-1.18.4-16.3.1 util-linux-2.29.2-3.24.1 util-linux-systemd-2.29.2-3.24.1 vim-7.4.326-17.6.1 wget-1.14-21.10.1 which-2.2-3.18 wicked-0.6.64-38.40.1 wicked-service-0.6.64-38.40.1 x86info-1.29-11.55 xfsprogs-4.3.0-13.12.1 xinetd-2.3.15-8.8.1 xtables-plugins-1.4.21-6.1 xz-5.0.5-6.3.1 yast2-3.2.46.2-3.33.2 yast2-add-on-3.2.0-1.44 yast2-audit-laf-3.1.5-6.5 yast2-bootloader-3.2.27.3-2.12.1 yast2-ca-management-3.2.1-2.3.3 yast2-core-3.2.3-3.3.1 yast2-country-3.2.14-3.4.20 yast2-country-data-3.2.14-3.4.20 yast2-dbus-server-3.1.1-1.61 yast2-dhcp-server-3.2.2-1.106 yast2-dns-server-3.2.0-1.124 yast2-firewall-3.2.2-3.6.2 yast2-ftp-server-3.2.3-3.3.2 yast2-hardware-detection-3.1.8-1.39 yast2-http-server-3.2.2-1.85 yast2-inetd-3.1.13-4.6 yast2-installation-3.2.57.1-3.14.2 yast2-iscsi-client-3.1.32-3.6.1 yast2-iscsi-lio-server-3.2.2-3.5.1 yast2-isns-3.1.7-3.5 yast2-kdump-3.2.7-1.8 yast2-ldap-3.1.14-3.86 yast2-mail-3.1.12-3.3.1 yast2-network-3.2.58-2.50.1 yast2-nfs-client-3.1.18-5.1 yast2-nfs-common-3.1.9-5.5 yast2-nfs-server-3.1.9-5.5 yast2-nis-client-3.2.1-1.17 yast2-nis-server-3.1.4-5.6 yast2-ntp-client-3.2.18-2.13.1 yast2-online-update-3.1.11-3.3 yast2-online-update-frontend-3.1.11-3.3 yast2-packager-3.2.26.1-2.9.17 yast2-pam-3.1.2-3.21 yast2-perl-bindings-3.2.0-1.38 yast2-pkg-bindings-3.2.5.1-2.6.1 yast2-printer-3.2.0-1.65 yast2-proxy-3.1.8-5.6.1 yast2-registration-3.2.16.1-3.13.2 yast2-ruby-bindings-3.2.16-3.6.1 yast2-samba-client-3.1.19-1.8 yast2-samba-server-3.2.1-1.73 yast2-schema-3.2.0-1.161 yast2-security-3.2.3-6.5 yast2-services-manager-3.2.2-2.4.3 yast2-slp-3.1.11-1.85 yast2-slp-server-3.1.5-4.5 yast2-squid-3.1.5-5.6 yast2-storage-3.2.16.4-2.14.1 yast2-sudo-3.1.3-5.6.1 yast2-support-3.2.1-3.3.1 yast2-sysconfig-3.1.4-3.5 yast2-tftp-server-3.1.3-5.5 yast2-theme-SLE-3.2.3-1.3 yast2-trans-en_US-3.0.0-59.3 yast2-trans-stats-2.19.0-15.22 yast2-transfer-3.1.3-3.7 yast2-tune-3.2.1-3.3.1 yast2-update-3.2.2.1-3.5.3 yast2-users-3.2.15.3-3.22.1 yast2-xml-3.1.2-2.3.1 yast2-ycp-ui-bindings-3.2.0-1.23 yp-tools-2.14-6.1 zip-3.0-16.3.1 zsh-5.0.5-6.12.2 zypper-1.13.60-21.41.3 zypper-migration-plugin-0.1-12.4 SUSEConnect-0.3.32-3.49.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 SuSEfirewall2-3.6.312.333-3.13.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 aaa_base-13.2+git20140911.61c1681-38.22.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 acl-2.2.52-7.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 at-3.1.14-8.9.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 at-spi2-core-2.20.2-14.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 attr-2.4.47-3.143 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 audit-2.8.1-8.8.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 augeas-1.2.0-17.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 augeas-lenses-1.2.0-17.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 autofs-5.0.9-28.15.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 autoyast2-installation-3.2.32.5-2.45.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 bash-4.3-83.29.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 bc-1.06.95-6.56 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 bind-libs-9.9.9P1-63.31.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 bind-utils-9.9.9P1-63.31.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 binutils-2.37-9.44.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 blktrace-1.0.5-8.5.74 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 blog-2.19-4.3.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 boost-license1_54_0-1.54.0-26.9.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ca-certificates-1201403302107-6.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ca-certificates-mozilla-2.44-12.34.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 cifs-utils-6.9-9.15.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 cloud-netconfig-gce-1.6-24.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 command-not-found-0.1.0-57.8 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 coreutils-8.25-13.10.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 cpio-2.11-36.15.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 cracklib-2.9.0-8.5.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 cracklib-dict-small-2.9.0-8.5.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 crash-7.1.8-4.15.6 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 cron-4.2-59.16.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 cronie-1.4.11-59.16.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 cryptconfig-0.3-92.14 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 cryptsetup-1.6.4-4.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 cups-libs-1.7.5-20.36.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 curl-7.37.0-37.70.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 cyrus-sasl-2.1.26-8.13.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 cyrus-sasl-digestmd5-2.1.26-8.13.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 cyrus-sasl-gssapi-2.1.26-8.13.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 cyrus-sasl-plain-2.1.26-8.13.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 cyrus-sasl-saslauthd-2.1.26-8.7.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 dbus-1-1.8.22-29.21.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 dbus-1-x11-1.8.22-29.21.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 dejavu-fonts-2.34-3.189 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 deltarpm-3.6.1-5.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 device-mapper-1.02.97-78.16.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 dhcp-4.3.3-10.22.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 dhcp-client-4.3.3-10.22.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 diffutils-3.3-5.4 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 dirmngr-1.1.1-13.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 dmidecode-3.0-10.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 dos2unix-6.0.4-1.133 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 dosfstools-3.0.26-6.5 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 dracut-44.2-114.28.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 e2fsprogs-1.42.11-16.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 elfutils-0.158-7.13.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ethtool-4.5-11.7 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 expat-2.1.0-21.12.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 expect-5.45-18.56 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 fd0ssh-20140325-1.13 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 fdupes-1.61-7.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 file-5.22-10.21.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 file-magic-5.22-10.21.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 filesystem-13.1-14.15 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 fillup-1.42-270.64 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 findutils-4.5.12-7.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 fipscheck-1.2.0-9.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 fontconfig-2.11.1-7.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 fonts-config-20180430-6.8.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 fping-3.5-5.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 gamin-server-0.1.10-11.19 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 gawk-4.1.0-3.663 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 gettext-runtime-0.19.2-3.3.6 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 gio-branding-upstream-2.48.2-12.22.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 glibc-2.22-116.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 glibc-i18ndata-2.22-116.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 glibc-locale-2.22-116.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 google-guest-agent-20210414.0-1.20.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 google-guest-configs-20210317.0-1.11.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 google-guest-oslogin-20210728.0-1.20.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 google-opensans-fonts-1.0-9.128 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 google-osconfig-agent-20210506.0-1.11.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 gpg2-2.0.24-9.8.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 gptfdisk-0.8.8-1.38 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 grep-2.16-4.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 groff-1.22.2-7.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 growpart-0.31-4.14.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 growpart-rootgrow-1.0.3-1.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 grub2-2.02-132.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 grub2-i386-pc-2.02-132.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 gzip-1.6-9.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 hardlink-1.0-6.45 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 haveged-1.9.1-16.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 hwinfo-21.63-2.17.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 icmpinfo-1.11-710.63 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 info-4.13a-37.229 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 initviocons-0.5-101.62 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 insserv-compat-0.1-14.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 iproute2-4.4-15.6.25 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 iptables-1.4.21-6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 iputils-s20121221-2.19 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 irqbalance-1.1.0-9.9.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 iscsiuio-0.7.8.2-53.31.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 kbd-2.0.4-8.10.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 kbd-legacy-2.0.4-8.10.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 kdump-0.8.16-7.28.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 kernel-default-4.4.180-94.150.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 kexec-tools-2.0.12-23.3.5 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 keyutils-1.5.9-3.29 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 klogd-1.4.1-778.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 kmod-17-9.12.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 kmod-compat-17-9.12.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 krb5-1.12.5-40.40.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 krb5-client-1.12.5-40.40.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ksh-93vu-18.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 less-458-7.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libHX28-3.18-1.19 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libX11-6-1.6.2-12.21.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libX11-data-1.6.2-12.21.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libXau6-1.0.8-4.58 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libXext6-1.3.2-4.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libXtst6-1.2.2-7.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libacl1-2.2.52-7.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libadns1-1.4-103.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libaio1-0.3.109-17.15 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libapparmor1-2.8.2-51.27.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libasm1-0.158-7.13.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libassuan0-2.1.1-3.217 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libatspi0-2.20.2-14.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libattr1-2.4.47-3.143 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libaudit1-2.8.1-8.8.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libaugeas0-1.2.0-17.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libauparse0-2.8.1-8.8.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libavahi-client3-0.6.32-32.15.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libavahi-common3-0.6.32-32.15.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libblkid1-2.29.2-3.24.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libboost_regex1_54_0-1.54.0-26.9.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libbz2-1-1.0.6-30.14.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libcamgm100-1.0.7-1.4 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libcap-ng0-0.7.3-4.125 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libcap2-2.26-14.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libcom_err2-1.42.11-16.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libcrack2-2.9.0-8.5.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libcroco-0_6-3-0.6.11-12.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libcryptmount0-2.14-5.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libcryptsetup4-1.6.4-4.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libcurl4-7.37.0-37.70.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libdb-4_8-4.8.30-29.6 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libdbus-1-3-1.8.22-29.21.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libdcerpc-binding0-4.6.16+git.313.502515a5bfc-3.67.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libdcerpc0-4.6.16+git.313.502515a5bfc-3.67.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libdw1-0.158-7.13.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libebl1-0.158-7.13.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libedit0-3.1.snap20140620-1.13 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libelf1-0.158-7.13.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libesmtp-1.0.6-17.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libestr0-0.1.9-1.54 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libevent-2_0-5-2.0.21-6.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libexpat1-2.1.0-21.12.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libext2fs2-1.42.11-16.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libfam0-gamin-0.1.10-11.25 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libfastjson4-0.99.4-1.14 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libfdisk1-2.29.2-3.24.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libffi4-5.3.1+r233831-12.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libfipscheck1-1.2.0-9.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libfreetype6-2.6.3-7.18.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libfuse2-2.9.3-6.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libgcc_s1-11.2.1+git610-1.3.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libgcrypt20-1.6.1-16.80.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libgdbm4-1.1-9.7 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libgio-2_0-0-2.48.2-12.22.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libglib-2_0-0-2.48.2-12.22.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libgmodule-2_0-0-2.48.2-12.22.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libgmp10-5.1.3-4.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libgobject-2_0-0-2.48.2-12.22.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libgpg-error0-1.13-1.79 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libhavege1-1.9.1-16.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libicu52_1-52.1-8.10.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libicu52_1-data-52.1-8.10.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libidn11-1.28-5.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libiptc0-1.4.21-6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libjson-c2-0.11-2.22 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libkeyutils1-1.5.9-3.29 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libkmod2-17-9.12.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libksba8-1.3.0-23.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libldap-2_4-2-2.4.41-18.86.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libldapcpp1-0.3.1-4.75 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libldb1-1.1.29-3.8.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 liblockdev1-1.0.3_git201003141408-27.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 liblogging0-1.0.4-1.6 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 liblua5_1-5.1.5-8.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 liblzma5-5.0.5-6.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 liblzo2-2-2.08-1.13 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libmagic1-5.22-10.21.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libmnl0-1.0.3-9.18 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libmodman1-2.0.1-15.75 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libmount1-2.29.2-3.24.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libmozjs-17_0-17.0-13.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libncurses5-5.9-75.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libncurses6-5.9-75.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libndr-krb5pac0-4.6.16+git.313.502515a5bfc-3.67.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libndr-nbt0-4.6.16+git.313.502515a5bfc-3.67.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libndr-standard0-4.6.16+git.313.502515a5bfc-3.67.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libndr0-4.6.16+git.313.502515a5bfc-3.67.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libnetapi0-4.6.16+git.313.502515a5bfc-3.67.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libnetfilter_conntrack3-1.0.4-3.6 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libnettle4-2.7.1-13.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libnfnetlink0-1.0.1-6.58 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libnl-config-3.2.23-4.4.6 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libnl1-1.1.4-4.21 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libnl3-200-3.2.23-4.4.6 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libnuma1-2.0.9-9.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libopeniscsiusr0_2_0-2.0.876-53.31.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libopenssl1_0_0-1.0.2j-60.72.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libp11-kit0-0.20.7-3.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libparted0-3.1-35.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libpcap1-1.8.1-10.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libpci3-3.2.1-11.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libpcre1-8.45-8.7.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libpipeline1-1.2.6-1.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libpng16-16-1.6.8-15.5.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libpolkit0-0.113-5.24.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libpopt0-1.16-26.128 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libprocps3-3.3.9-11.24.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libproxy1-0.4.13-18.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libpth20-2.0.7-140.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libpython2_7-1_0-2.7.18-28.77.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libpython3_4m1_0-3.4.10-25.80.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libqrencode3-3.4.3-1.31 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libreadline6-6.3-83.29.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libruby2_1-2_1-2.1.9-19.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsamba-credentials0-4.6.16+git.313.502515a5bfc-3.67.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsamba-errors0-4.6.16+git.313.502515a5bfc-3.67.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsamba-hostconfig0-4.6.16+git.313.502515a5bfc-3.67.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsamba-passdb0-4.6.16+git.313.502515a5bfc-3.67.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsamba-util0-4.6.16+git.313.502515a5bfc-3.67.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsamdb0-4.6.16+git.313.502515a5bfc-3.67.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsasl2-3-2.1.26-8.13.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libseccomp2-2.4.1-11.3.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libselinux1-2.5-8.79 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsemanage1-2.5-9.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsepol1-2.5-3.143 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsgutils2-2-1.43+46.4b09c76-16.26.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsmartcols1-2.29.2-3.24.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsmbconf0-4.6.16+git.313.502515a5bfc-3.67.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsmbldap0-4.6.16+git.313.502515a5bfc-3.67.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsmi-0.4.8-18.63 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsmi2-0.4.8-18.63 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsnappy1-1.1.3-1.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsolv-tools-0.6.38-2.36.4 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsqlite3-0-3.36.0-9.18.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libssh2-1-1.4.3-20.14.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libstdc++6-11.2.1+git610-1.3.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libstorage-ruby-2.26.12.2-3.3.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libstorage7-2.26.12.2-3.3.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libsystemd0-228-150.98.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libtalloc2-2.1.10-3.3.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libtasn1-4.9-3.10.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libtasn1-6-4.9-3.10.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libtdb1-1.3.12-3.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libtevent-util0-4.6.16+git.313.502515a5bfc-3.67.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libtevent0-0.9.34-3.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libtirpc-netconfig-1.0.1-17.13.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libtirpc1-0.2.3-20.5 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libtirpc3-1.0.1-17.13.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libudev1-228-150.98.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libunwind-1.1-11.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libusb-0_1-4-0.1.13-29.13 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libusb-1_0-0-1.0.20-5.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libustr-1_0-1-1.0.4-31.197 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libutempter0-1.1.6-5.114 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libuuid1-2.29.2-3.24.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libverto1-0.2.6-3.2.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libwbclient0-4.6.16+git.313.502515a5bfc-3.67.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libwrap0-7.6-886.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libx86emu1-1.11-1.7 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libxcb1-1.1-4.5.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libxml2-2-2.9.4-46.46.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libxtables10-1.4.21-6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libyaml-0-2-0.1.6-7.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libyui-ncurses-pkg7-2.48.4.1-3.3.15 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libyui-ncurses7-2.48.2-1.17 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libyui7-3.2.9-1.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libz1-1.2.8-12.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libzio1-1.0-9.188 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 libzypp-16.22.3-33.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 lio-utils-4.1-17.9.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 lockdev-1.0.3_git201003141408-27.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 logrotate-3.11.0-2.17.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 lsof-4.89-27.5.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 lsscsi-0.29-7.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 lvm2-2.02.120-78.16.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 makedumpfile-1.6.1-3.9.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 man-2.6.6-4.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 man-pages-4.02-6.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 mozilla-nspr-4.32-19.18.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 mozilla-nss-certs-3.68.2-58.60.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ncurses-utils-5.9-75.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 net-tools-1.6-765.5.4 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 netcat-openbsd-1.89-92.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 netcfg-11.5-29.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 nfs-client-1.3.0-34.31.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 nfs-kernel-server-1.3.0-34.31.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 nfsidmap-0.25-7.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 nscd-2.22-116.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ntp-4.2.8p15-97.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ofl-20140325-1.13 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 open-iscsi-2.0.876-53.31.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 openldap2-client-2.4.41-18.86.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 openslp-2.0.0-18.23.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 openssh-7.2p2-74.60.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 openssl-1.0.2j-60.72.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 opie-2.4-724.65 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 p11-kit-0.20.7-3.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 p11-kit-tools-0.20.7-3.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 pam-1.1.8-24.49.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 pam-config-0.89-5.3.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 pam-modules-12.1-25.4.5 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 pam_mount-2.14-5.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 parted-3.1-35.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 patterns-sles-Minimal-12-79.3.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 pciutils-3.2.1-11.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 pciutils-ids-2019.08.30-12.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-5.18.2-12.23.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-Bit-Vector-7.3-3.171 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-Bootloader-0.923-3.9.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-Carp-Clan-6.04-23.11 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-Config-Crontab-1.33-8.19 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-Config-IniFiles-2.82-3.14 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-Crypt-SmbHash-0.12-156.12 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-Date-Calc-6.3-25.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-Digest-HMAC-1.03-18.16 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-Digest-MD4-1.9-3.203 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-Digest-SHA1-2.13-17.216 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-List-MoreUtils-0.33-7.63 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-Net-DNS-0.73-4.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-Parse-RecDescent-1.967009-7.19 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-Sub-Uplevel-0.240.0-11.19 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-Test-Exception-0.32-3.14 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-URI-1.6-7.19 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-X500-DN-0.29-106.14 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-XML-LibXML-2.0019-6.3.5 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-XML-NamespaceSupport-1.11-21.13 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-XML-Parser-2.41-21.14 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-XML-SAX-0.99-22.8 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-XML-SAX-Base-1.08-8.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-XML-SAX-Expat-0.5-3.8 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-XML-Simple-2.2-4.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-XML-Writer-0.623-3.19 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-base-5.18.2-12.23.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-camgm-1.0.7-1.4 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 perl-gettext-1.05-163.126 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 permissions-2015.09.28.1626-17.27.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 pigz-2.3-5.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 pinentry-0.8.3-4.27 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 pkg-config-0.28-6.98 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 polkit-0.113-5.24.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 polkit-default-privs-13.2-22.9.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 prctl-1.5-17.61 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 procinfo-18-221.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 procps-3.3.9-11.24.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 psmisc-22.21-6.19.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 python-2.7.18-28.77.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 python-base-2.7.18-28.77.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 python-solv-0.6.38-2.36.4 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 python-talloc-2.1.10-3.3.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 python-xml-2.7.18-28.77.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 python3-3.4.10-25.80.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 python3-base-3.4.10-25.80.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 python3-gcemetadata-1.0.4-2.5.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 python3-packaging-17.1-2.7.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 python3-pyparsing-2.2.0-3.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 python3-setuptools-40.6.2-4.18.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 python3-six-1.14.0-13.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 quota-4.05-6.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 recode-3.6-663.62 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 release-notes-sles-12.3.20211208-2.27.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 rpcbind-0.2.3-24.9.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 rpm-4.11.2-16.21.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 rpm-python-4.11.2-16.21.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 rsh-0.17-731.12 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 rsync-3.1.0-13.16.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 rsyslog-8.24.0-3.55.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ruby-2.1-1.6 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ruby-common-2.1-19.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ruby2.1-2.1.9-19.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ruby2.1-rubygem-abstract_method-1.2.1-4.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ruby2.1-rubygem-cfa-0.6.1-1.9 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ruby2.1-rubygem-cfa_grub2-0.6.5-3.7.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ruby2.1-rubygem-cheetah-0.5.0-4.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ruby2.1-rubygem-fast_gettext-0.9.2-1.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ruby2.1-rubygem-gem2rpm-0.10.1-4.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ruby2.1-rubygem-ruby-augeas-0.5.0-1.4 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ruby2.1-rubygem-ruby-dbus-0.9.3-3.6 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 ruby2.1-stdlib-2.1.9-19.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 samba-libs-4.6.16+git.313.502515a5bfc-3.67.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 scout-0.1.0-57.8 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 screen-4.0.4-23.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 sed-4.2.2-7.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 sg3_utils-1.43+46.4b09c76-16.26.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 shadow-4.2.1-27.19.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 shared-mime-info-1.6-11.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 sles-manuals_en-12.3-6.3.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 sles-release-12.3-4.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 strace-4.1-3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 sudo-1.8.20p2-3.23.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 supportutils-3.0.10-95.48.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 supportutils-plugin-suse-public-cloud-1.0.5-6.10.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 suse-build-key-12.0-7.12.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 suse-module-tools-12.6.1-27.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 sysconfig-0.84.0-13.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 sysconfig-netconfig-0.84.0-13.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 sysfsutils-2.1.0-153.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 syslog-service-2.0-778.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 systemd-228-150.98.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 systemd-presets-branding-SLE-12.2-4.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 systemd-sysvinit-228-150.98.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 sysvinit-tools-2.88+-101.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 tar-1.27.1-15.9.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 tcl-8.6.7-3.3.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 tcpd-7.6-886.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 tcpdump-4.9.2-14.17.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 tcsh-6.18.01-8.20.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 telnet-1.2-167.7.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 terminfo-5.9-75.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 terminfo-base-5.9-75.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 timezone-2021e-74.55.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 udev-228-150.98.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 unzip-6.0-33.13.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 update-alternatives-1.18.4-16.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 util-linux-2.29.2-3.24.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 util-linux-systemd-2.29.2-3.24.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 vim-7.4.326-17.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 wget-1.14-21.10.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 which-2.2-3.18 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 wicked-0.6.64-38.40.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 wicked-service-0.6.64-38.40.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 x86info-1.29-11.55 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 xfsprogs-4.3.0-13.12.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 xinetd-2.3.15-8.8.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 xtables-plugins-1.4.21-6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 xz-5.0.5-6.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-3.2.46.2-3.33.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-add-on-3.2.0-1.44 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-audit-laf-3.1.5-6.5 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-bootloader-3.2.27.3-2.12.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-ca-management-3.2.1-2.3.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-core-3.2.3-3.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-country-3.2.14-3.4.20 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-country-data-3.2.14-3.4.20 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-dbus-server-3.1.1-1.61 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-dhcp-server-3.2.2-1.106 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-dns-server-3.2.0-1.124 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-firewall-3.2.2-3.6.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-ftp-server-3.2.3-3.3.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-hardware-detection-3.1.8-1.39 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-http-server-3.2.2-1.85 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-inetd-3.1.13-4.6 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-installation-3.2.57.1-3.14.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-iscsi-client-3.1.32-3.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-iscsi-lio-server-3.2.2-3.5.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-isns-3.1.7-3.5 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-kdump-3.2.7-1.8 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-ldap-3.1.14-3.86 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-mail-3.1.12-3.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-network-3.2.58-2.50.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-nfs-client-3.1.18-5.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-nfs-common-3.1.9-5.5 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-nfs-server-3.1.9-5.5 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-nis-client-3.2.1-1.17 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-nis-server-3.1.4-5.6 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-ntp-client-3.2.18-2.13.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-online-update-3.1.11-3.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-online-update-frontend-3.1.11-3.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-packager-3.2.26.1-2.9.17 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-pam-3.1.2-3.21 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-perl-bindings-3.2.0-1.38 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-pkg-bindings-3.2.5.1-2.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-printer-3.2.0-1.65 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-proxy-3.1.8-5.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-registration-3.2.16.1-3.13.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-ruby-bindings-3.2.16-3.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-samba-client-3.1.19-1.8 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-samba-server-3.2.1-1.73 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-schema-3.2.0-1.161 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-security-3.2.3-6.5 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-services-manager-3.2.2-2.4.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-slp-3.1.11-1.85 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-slp-server-3.1.5-4.5 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-squid-3.1.5-5.6 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-storage-3.2.16.4-2.14.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-sudo-3.1.3-5.6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-support-3.2.1-3.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-sysconfig-3.1.4-3.5 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-tftp-server-3.1.3-5.5 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-theme-SLE-3.2.3-1.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-trans-en_US-3.0.0-59.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-trans-stats-2.19.0-15.22 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-transfer-3.1.3-3.7 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-tune-3.2.1-3.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-update-3.2.2.1-3.5.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-users-3.2.15.3-3.22.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-xml-3.1.2-2.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yast2-ycp-ui-bindings-3.2.0-1.23 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 yp-tools-2.14-6.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 zip-3.0-16.3.1 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 zsh-5.0.5-6.12.2 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 zypper-1.13.60-21.41.3 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 zypper-migration-plugin-0.1-12.4 as a component of Public Cloud Image google/sles-12-sp3-byos-v20220126 SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial of service (uninitialized memory access and application crash) or possibly have unspecified other impact via a crafted COLLATE clause, as demonstrated by COLLATE"""""""" at the end of a SELECT statement. CVE-2015-3414 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 does not properly implement comparison operators, which allows context-dependent attackers to cause a denial of service (invalid free operation) or possibly have unspecified other impact via a crafted CHECK clause, as demonstrated by CHECK(0&O>O) in a CREATE TABLE statement. CVE-2015-3415 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required. CVE-2016-2124 Public Cloud Image google/sles-12-sp3-byos-v20220126:libdcerpc-binding0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libdcerpc0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libndr-krb5pac0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libndr-nbt0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libndr-standard0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libndr0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libnetapi0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsamba-credentials0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsamba-errors0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsamba-hostconfig0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsamba-passdb0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsamba-util0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsamdb0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsmbconf0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsmbldap0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libtevent-util0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libwbclient0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:samba-libs-4.6.16+git.313.502515a5bfc-3.67.2 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by leveraging use of the current working directory for temporary files. CVE-2016-6153 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 low 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-based buffer overflow (and possible arbitrary code execution) CVE-2017-1000158 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython2_7-1_0-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-base-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-xml-2.7.18-28.77.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact. CVE-2017-10989 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users for denial of service. CVE-2017-17862 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C ** DISPUTED ** The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications "need to be prepared to handle a wide variety of exceptions." CVE-2017-18207 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython3_4m1_0-3.4.10-25.80.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:python3-3.4.10-25.80.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:python3-base-3.4.10-25.80.2 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. watchOS before 3.2.2 is affected. The issue involves the "SQLite" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted SQL statement. CVE-2017-2518 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. CVE-2017-5753 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 4.7 AV:L/AC:M/Au:N/C:C/I:N/A:N The compile_bracket_matchingpath function in pcre_jit_compile.c in PCRE through 8.x before revision 1680 (e.g., the PHP 7.1.1 bundled version) allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted regular expression. CVE-2017-6004 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpcre1-8.45-8.7.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P libpcre1 in PCRE 8.40 and libpcre2 in PCRE2 10.23 allow remote attackers to cause a denial of service (segmentation violation for read access, and application crash) by triggering an invalid Unicode property lookup. CVE-2017-7186 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpcre1-8.45-8.7.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P The _pcre32_xclass function in pcre_xclass.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (invalid memory read) via a crafted file. CVE-2017-7244 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpcre1-8.45-8.7.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Stack-based buffer overflow in the pcre32_copy_substring function in pcre_get.c in libpcre1 in PCRE 8.40 allows remote attackers to cause a denial of service (WRITE of size 4) or possibly have unspecified other impact via a crafted file. CVE-2017-7245 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpcre1-8.45-8.7.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second line. CVE-2018-0502 Public Cloud Image google/sles-12-sp3-byos-v20220126:zsh-5.0.5-6.12.2 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service. CVE-2018-1061 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython2_7-1_0-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-base-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-xml-2.7.18-28.77.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one. CVE-2018-13259 Public Cloud Image google/sles-12-sp3-byos-v20220126:zsh-5.0.5-6.12.2 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID. CVE-2018-13405 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by constructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming large amounts CPU and RAM. The vulnerability exists in Python versions 3.7.0, 3.6.0 through 3.6.6, 3.5.0 through 3.5.6, 3.4.0 through 3.4.9, 2.7.0 through 2.7.15. CVE-2018-14647 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython2_7-1_0-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-base-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-xml-2.7.18-28.77.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmaps the 'pi_desc_page' without resetting 'pi_desc' descriptor address, which is later used in pi_test_and_clear_on(). A guest user/process could use this flaw to crash the host kernel resulting in DoS or potentially gain privileged access to a system. Kernel versions before 4.14.91 and before 4.19.13 are vulnerable. CVE-2018-16882 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C An issue was discovered in GNU gettext 0.19.8. There is a double free in default_add_message in read-catalog.c, related to an invalid free in po_gram_parse in po-gram-gen.y, as demonstrated by lt-msgfmt. CVE-2018-18751 Public Cloud Image google/sles-12-sp3-byos-v20220126:gettext-runtime-0.19.2-3.3.6 low 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan. CVE-2018-20346 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. CVE-2018-3639 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c. CVE-2018-8740 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 low 5 AV:N/AC:L/Au:N/C:N/I:N/A:P A security regression of CVE-2019-9636 was discovered in python since commit d537ab0ff9767ef024f26246899728f0116b1ec3 affecting versions 2.7, 3.5, 3.6, 3.7 and from v3.8.0a4 through v3.8.0b1, which still allows an attacker to exploit CVE-2019-9636 by abusing the user and password parts of a URL. When an application parses user-supplied URLs to store cookies, authentication credentials, or other kind of information, it is possible for an attacker to provide specially crafted URLs to make the application locate host-related information (e.g. cookies, authentication data) and send them to a different host than where it should, unlike if the URLs had been correctly parsed. The result of an attack may vary based on the application. CVE-2019-10160 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython2_7-1_0-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython3_4m1_0-3.4.10-25.80.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-base-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-xml-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python3-3.4.10-25.80.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:python3-base-3.4.10-25.80.2 critical 5 AV:N/AC:L/Au:N/C:P/I:N/A:N An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. There is a heap-based buffer over-read in _bfd_doprnt in bfd.c because elf_object_p in elfcode.h mishandles an e_shstrndx section of type SHT_GROUP by omitting a trailing '\0' character. CVE-2019-12972 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.32. simple_object_elf_match in simple-object-elf.c does not check for a zero shstrndx value, leading to an integer overflow and resultant heap-based buffer overflow. CVE-2019-14250 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P apply_relocations in readelf.c in GNU Binutils 2.32 contains an integer overflow that allows attackers to trigger a write access violation (in byte_put_little_endian function in elfcomm.c) via an ELF file, as demonstrated by readelf. CVE-2019-14444 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 low 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and implements some kind of checks on the From/To headers of a message could be tricked into accepting an email address that should be denied. An attack may be the same as in CVE-2019-11340; however, this CVE applies to Python more generally. CVE-2019-16056 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython2_7-1_0-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-base-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-xml-2.7.18-28.77.1 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat1 sz field, aka a "severe division by zero in the query planner." CVE-2019-16168 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P find_abstract_instance in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32, allows remote attackers to cause a denial of service (infinite recursion and application crash) via a crafted ELF file. CVE-2019-17450 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 low 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an integer overflow leading to a SEGV in _bfd_dwarf2_find_nearest_line in dwarf2.c, as demonstrated by nm. CVE-2019-17451 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 low 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P cdf_read_property_info in cdf.c in file through 5.37 does not restrict the number of CDF_VECTOR elements, which allows a heap-based buffer overflow (4-byte out-of-bounds write). CVE-2019-18218 Public Cloud Image google/sles-12-sp3-byos-v20220126:file-5.22-10.21.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:file-magic-5.22-10.21.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libmagic1-5.22-10.21.1 critical 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.). This is fixed in: v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1; v3.6.11, v3.6.11rc1, v3.6.12; v3.7.8, v3.7.8rc1, v3.7.9; v3.8.3, v3.8.3rc1, v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1. CVE-2019-18348 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython2_7-1_0-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython3_4m1_0-3.4.10-25.80.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-base-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-xml-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python3-3.4.10-25.80.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:python3-base-3.4.10-25.80.2 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage. CVE-2019-19244 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service or possibly have unspecified other impact. CVE-2019-19317 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 low 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P SQLite 3.30.1 mishandles certain SELECT statements with a nonexistent VIEW, leading to an application crash. CVE-2019-19603 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P alter.c in SQLite through 3.30.1 allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements. CVE-2019-19645 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns. CVE-2019-19646 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled. CVE-2019-19880 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view. This can cause a NULL pointer dereference (or incorrect results). CVE-2019-19923 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite() error handling. CVE-2019-19924 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:P/A:N zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive. CVE-2019-19925 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 low 5 AV:N/AC:L/Au:N/C:N/I:N/A:P multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: this vulnerability exists because of an incomplete fix for CVE-2019-19880. CVE-2019-19926 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to a memory-management error that can be detected by (for example) valgrind. CVE-2019-19959 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:P/A:N selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error. CVE-2019-20218 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema. CVE-2019-20387 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsolv-tools-0.6.38-2.36.4 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-solv-0.6.38-2.36.4 low 5 AV:N/AC:L/Au:N/C:N/I:N/A:P libpcre in PCRE before 8.43 allows a subject buffer over-read in JIT when UTF is disabled, and \X or \R has more than one fixed quantifier, a related issue to CVE-2019-20454. CVE-2019-20838 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpcre1-8.45-8.7.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P In Lib/tarfile.py in Python through 3.8.3, an attacker is able to craft a TAR archive leading to an infinite loop when opened by tarfile.open, because _proc_pax lacks header validation. CVE-2019-20907 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython2_7-1_0-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-base-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-xml-2.7.18-28.77.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P An exploitable denial-of-service vulnerability exists in the X509 certificate parser of Python.org Python 2.7.11 / 3.6.6. A specially crafted X509 certificate can cause a NULL pointer dereference, resulting in a denial of service. An attacker can initiate or accept TLS connections using crafted certificates to trigger this vulnerability. CVE-2019-5010 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython2_7-1_0-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-base-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-xml-2.7.18-28.77.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables. CVE-2019-8457 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is an out-of-bounds read leading to a SEGV in bfd_getl32 in libbfd.c, when called from pex64_get_runtime_function in pei-x86_64.c. CVE-2019-9074 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.32. It is a heap-based buffer overflow in _bfd_archive_64_bit_slurp_armap in archive64.c. CVE-2019-9075 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 low 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P An issue was discovered in GNU Binutils 2.32. It is a heap-based buffer overflow in process_mips_specific in readelf.c via a malformed MIPS option section. CVE-2019-9077 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb. CVE-2019-9674 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython2_7-1_0-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-base-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-xml-2.7.18-28.77.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \r\n (specifically in the path component of a URL that lacks a ? character) followed by an HTTP header or a Redis command. This is similar to the CVE-2019-9740 query string issue. This is fixed in: v2.7.17, v2.7.17rc1, v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1, v3.5.8, v3.5.8rc1, v3.5.8rc2, v3.5.9; v3.6.10, v3.6.10rc1, v3.6.11, v3.6.11rc1, v3.6.12, v3.6.9, v3.6.9rc1; v3.7.4, v3.7.4rc1, v3.7.4rc2, v3.7.5, v3.7.5rc1, v3.7.6, v3.7.6rc1, v3.7.7, v3.7.7rc1, v3.7.8, v3.7.8rc1, v3.7.9. CVE-2019-9947 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython3_4m1_0-3.4.10-25.80.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:python3-3.4.10-25.80.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:python3-base-3.4.10-25.80.2 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-152735806 CVE-2020-0429 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P In blk_mq_queue_tag_busy_iter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-151939299 CVE-2020-0433 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P An issue was discovered in dbus >= 1.3.0 before 1.12.18. The DBusServer in libdbus, as used in dbus-daemon, leaks file descriptors when a message exceeds the per-message file descriptor limit. A local attacker with access to the D-Bus system bus or another system service's private AF_UNIX socket could use this to make the system service reach its file descriptor limit, denying service to subsequent D-Bus clients. CVE-2020-12049 Public Cloud Image google/sles-12-sp3-byos-v20220126:dbus-1-1.8.22-29.21.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:dbus-1-x11-1.8.22-29.21.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libdbus-1-3-1.8.22-29.21.1 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C During ECDSA signature generation, padding applied in the nonce designed to ensure constant-time scalar multiplication was removed, resulting in variable-time execution dependent on secret data. This vulnerability affects Firefox < 80 and Firefox for Android < 80. CVE-2020-12401 Public Cloud Image google/sles-12-sp3-byos-v20220126:mozilla-nss-certs-3.68.2-58.60.1 critical 1.9 AV:L/AC:M/Au:N/C:P/I:N/A:N A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability. CVE-2020-12403 Public Cloud Image google/sles-12-sp3-byos-v20220126:mozilla-nss-certs-3.68.2-58.60.1 critical 6.4 AV:N/AC:L/Au:N/C:P/I:N/A:P An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767. CVE-2020-12655 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. CVE-2020-13434 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. CVE-2020-13435 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 important 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. CVE-2020-13630 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. CVE-2020-13631 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:P/A:N ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. CVE-2020-13632 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring. CVE-2020-14155 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpcre1-8.45-8.7.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2020-14305 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 8.3 AV:N/AC:M/Au:N/C:P/I:P/A:C In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. CVE-2020-15358 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbrd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file. CVE-2020-16590 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 low 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table, as demonstrated in readeif. CVE-2020-16591 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file. CVE-2020-16592 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file. CVE-2020-16593 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. CVE-2020-16598 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file. CVE-2020-16599 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 low 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P A flaw was found in the Linux kernel's implementation of some networking protocols in IPsec, such as VXLAN and GENEVE tunnels over IPv6. When an encrypted tunnel is created between two hosts, the kernel isn't correctly routing tunneled data over the encrypted link; rather sending the data unencrypted. This would allow anyone in between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality. CVE-2020-1749 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 5 AV:N/AC:L/Au:N/C:P/I:N/A:N The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data. CVE-2020-24586 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 2.9 AV:A/AC:M/Au:N/C:P/I:N/A:N The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed. CVE-2020-24587 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 1.8 AV:A/AC:H/Au:N/C:P/I:N/A:N The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets. CVE-2020-24588 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 2.9 AV:A/AC:M/Au:N/C:N/I:P/A:N An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack. CVE-2020-25613 moderate 5 AV:N/AC:L/Au:N/C:N/I:P/A:N A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58. CVE-2020-25648 Public Cloud Image google/sles-12-sp3-byos-v20220126:mozilla-nss-certs-3.68.2-58.60.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations. CVE-2020-25670 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations. CVE-2020-25671 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C A memory leak vulnerability was found in Linux kernel in llcp_sock_connect CVE-2020-25672 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system. CVE-2020-25673 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation. CVE-2020-25717 Public Cloud Image google/sles-12-sp3-byos-v20220126:libdcerpc-binding0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libdcerpc0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libndr-krb5pac0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libndr-nbt0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libndr-standard0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libndr0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libnetapi0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsamba-credentials0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsamba-errors0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsamba-hostconfig0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsamba-passdb0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsamba-util0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsamdb0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsmbconf0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsmbldap0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libtevent-util0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libwbclient0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:samba-libs-4.6.16+git.313.502515a5bfc-3.67.2 important 8.5 AV:N/AC:L/Au:S/C:C/I:C/A:N An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients. CVE-2020-26139 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 2.9 AV:A/AC:M/Au:N/C:N/I:N/A:P An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol. CVE-2020-26141 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 3.3 AV:A/AC:L/Au:N/C:N/I:P/A:N An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration. CVE-2020-26145 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 3.3 AV:A/AC:L/Au:N/C:N/I:P/A:N An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used. CVE-2020-26147 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 3.2 AV:A/AC:H/Au:N/C:P/I:P/A:N In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP. CVE-2020-27619 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython3_4m1_0-3.4.10-25.80.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:python3-3.4.10-25.80.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:python3-base-3.4.10-25.80.2 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271. CVE-2020-27673 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2020-27786 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3. For example, an attack can occur over a network if the attacker has access to one iSCSI LUN. The attacker gains control over file access because I/O operations are proxied via an attacker-selected backstore. CVE-2020-28374 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 5.5 AV:N/AC:L/Au:S/C:P/I:P/A:N An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because sh_entsize is not validated in _bfd_elf_slurp_secondary_reloc_section in elf.c. CVE-2020-35448 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects binutils versions prior to 2.34. CVE-2020-35493 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P There's a flaw in bfd_pef_scan_start_address() of bfd/pef.c in binutils which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. This flaw affects binutils versions prior to 2.34. CVE-2020-35496 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P There's a flaw in bfd_pef_parse_function_stubs of bfd/pef.c in binutils in versions prior to 2.34 which could allow an attacker who is able to submit a crafted file to be processed by objdump to cause a NULL pointer dereference. The greatest threat of this flaw is to application availability. CVE-2020-35507 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P A use-after-free flaw was found in D-Bus Development branch <= 1.13.16, dbus-1.12.x stable branch <= 1.12.18, and dbus-1.10.x and older branches <= 1.10.30 when a system has multiple usernames sharing the same UID. When a set of policy rules references these usernames, D-Bus may free some memory in the heap, which is still used by data structures necessary for the other usernames sharing the UID, possibly leading to a crash or other undefined behaviors CVE-2020-35512 Public Cloud Image google/sles-12-sp3-byos-v20220126:dbus-1-1.8.22-29.21.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:dbus-1-x11-1.8.22-29.21.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libdbus-1-3-1.8.22-29.21.1 moderate 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). CVE-2020-36221 Public Cloud Image google/sles-12-sp3-byos-v20220126:libldap-2_4-2-2.4.41-18.86.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:openldap2-client-2.4.41-18.86.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. CVE-2020-36222 Public Cloud Image google/sles-12-sp3-byos-v20220126:libldap-2_4-2-2.4.41-18.86.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:openldap2-client-2.4.41-18.86.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). CVE-2020-36223 Public Cloud Image google/sles-12-sp3-byos-v20220126:libldap-2_4-2-2.4.41-18.86.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:openldap2-client-2.4.41-18.86.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. CVE-2020-36224 Public Cloud Image google/sles-12-sp3-byos-v20220126:libldap-2_4-2-2.4.41-18.86.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:openldap2-client-2.4.41-18.86.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. CVE-2020-36225 Public Cloud Image google/sles-12-sp3-byos-v20220126:libldap-2_4-2-2.4.41-18.86.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:openldap2-client-2.4.41-18.86.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. CVE-2020-36226 Public Cloud Image google/sles-12-sp3-byos-v20220126:libldap-2_4-2-2.4.41-18.86.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:openldap2-client-2.4.41-18.86.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. CVE-2020-36227 Public Cloud Image google/sles-12-sp3-byos-v20220126:libldap-2_4-2-2.4.41-18.86.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:openldap2-client-2.4.41-18.86.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service. CVE-2020-36228 Public Cloud Image google/sles-12-sp3-byos-v20220126:libldap-2_4-2-2.4.41-18.86.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:openldap2-client-2.4.41-18.86.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. CVE-2020-36229 Public Cloud Image google/sles-12-sp3-byos-v20220126:libldap-2_4-2-2.4.41-18.86.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:openldap2-client-2.4.41-18.86.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. CVE-2020-36230 Public Cloud Image google/sles-12-sp3-byos-v20220126:libldap-2_4-2-2.4.41-18.86.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:openldap2-client-2.4.41-18.86.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d. CVE-2020-36312 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 low 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950. CVE-2020-36322 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c. CVE-2020-36385 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf. CVE-2020-36386 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 5.6 AV:L/AC:L/Au:N/C:P/I:N/A:C u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150 CVE-2020-3702 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 5 AV:N/AC:L/Au:N/C:P/I:N/A:N IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296. CVE-2020-4788 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 1.9 AV:L/AC:M/Au:N/C:P/I:N/A:N When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This vulnerability affects Firefox < 80 and Firefox for Android < 80. CVE-2020-6829 Public Cloud Image google/sles-12-sp3-byos-v20220126:mozilla-nss-certs-3.68.2-58.60.1 critical 5 AV:N/AC:L/Au:N/C:P/I:N/A:N Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking. CVE-2020-8492 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython2_7-1_0-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython3_4m1_0-3.4.10-25.80.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-base-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-xml-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python3-3.4.10-25.80.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:python3-base-3.4.10-25.80.2 moderate 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit. CVE-2020-8622 Public Cloud Image google/sles-12-sp3-byos-v20220126:bind-libs-9.9.9P1-63.31.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:bind-utils-9.9.9P1-63.31.1 important 4 AV:N/AC:L/Au:S/C:N/I:N/A:P In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations. CVE-2020-9327 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsqlite3-0-3.36.0-9.18.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access. CVE-2021-0129 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 2.7 AV:A/AC:L/Au:S/C:P/I:N/A:N In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-173843328References: Upstream kernel CVE-2021-0512 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-110373476 CVE-2021-0605 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 4.9 AV:L/AC:L/Au:N/C:C/I:N/A:N A flaw was found in the src/list.c of tar 1.33 and earlier. This flaw allows an attacker who can submit a crafted input file to tar to cause uncontrolled consumption of memory. The highest threat from this vulnerability is to system availability. CVE-2021-20193 Public Cloud Image google/sles-12-sp3-byos-v20220126:tar-1.27.1-15.9.1 low 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user (presumably as part of a script updating binaries across different users), an unprivileged user can trick these utilities into getting ownership of arbitrary files through a symlink. CVE-2021-20197 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 moderate 3.3 AV:L/AC:M/Au:N/C:P/I:P/A:N A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity. CVE-2021-20208 Public Cloud Image google/sles-12-sp3-byos-v20220126:cifs-utils-6.9-9.15.1 moderate 4.9 AV:N/AC:M/Au:S/C:P/I:P/A:N A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c of the Linux kernel. In this flaw a local attacker with a normal user privilege could delay the loop (due to a changing ldata->read_head, and a missing sanity check) and cause a threat to the system availability. CVE-2021-20219 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those values into the process token that stores the group membership for a user. The highest threat from this vulnerability is to data confidentiality and integrity. CVE-2021-20254 Public Cloud Image google/sles-12-sp3-byos-v20220126:libdcerpc-binding0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libdcerpc0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libndr-krb5pac0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libndr-nbt0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libndr-standard0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libndr0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libnetapi0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsamba-credentials0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsamba-errors0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsamba-hostconfig0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsamba-passdb0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsamba-util0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsamdb0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsmbconf0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsmbldap0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libtevent-util0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:libwbclient0-4.6.16+git.313.502515a5bfc-3.67.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:samba-libs-4.6.16+git.313.502515a5bfc-3.67.2 important 5.5 AV:N/AC:L/Au:S/C:P/I:P/A:N A flaw was found in the way memory resources were freed in the unix_stream_recvmsg function in the Linux kernel when a signal was pending. This flaw allows an unprivileged local user to crash the system by exhausting available memory. The highest threat from this vulnerability is to system availability. CVE-2021-20265 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly. The highest threat from this vulnerability is to system availability. CVE-2021-20284 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P A flaw was found in binutils readelf 2.35 program. An attacker who is able to convince a victim using readelf to read a crafted file could trigger a stack buffer overflow, out-of-bounds write of arbitrary data supplied by the attacker. The highest impact of this flaw is to confidentiality, integrity, and availability. CVE-2021-20294 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P A flaw was found in Nettle in versions before 3.7.2, where several Nettle signature verification functions (GOST DSA, EDDSA & ECDSA) result in the Elliptic Curve Cryptography point (ECC) multiply function being called with out-of-range scalers, possibly resulting in incorrect results. This flaw allows an attacker to force an invalid signature, causing an assertion failure or possible validation. The highest threat to this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2021-20305 Public Cloud Image google/sles-12-sp3-byos-v20220126:libnettle4-2.7.1-13.6.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well. CVE-2021-20322 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 5.8 AV:N/AC:M/Au:N/C:P/I:P/A:N A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space CVE-2021-22555 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leaking sensitive data to the server that is the target of the second HTTP request. CVE-2021-22876 Public Cloud Image google/sles-12-sp3-byos-v20220126:curl-7.37.0-37.70.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libcurl4-7.37.0-37.70.1 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET servers. Due to a flaw in the option parser for sending NEW_ENV variables, libcurl could be made to pass on uninitialized data from a stack based buffer to the server, resulting in potentially revealing sensitive internal information to the server using a clear-text network protocol. CVE-2021-22898 Public Cloud Image google/sles-12-sp3-byos-v20220126:curl-7.37.0-37.70.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libcurl4-7.37.0-37.70.1 moderate 2.6 AV:N/AC:H/Au:N/C:P/I:N/A:N When curl is instructed to download content using the metalink feature, thecontents is verified against a hash provided in the metalink XML file.The metalink XML file points out to the client how to get the same contentfrom a set of different URLs, potentially hosted by different servers and theclient can then download the file from one or several of them. In a serial orparallel manner.If one of the servers hosting the contents has been breached and the contentsof the specific file on that server is replaced with a modified payload, curlshould detect this when the hash of the file mismatches after a completeddownload. It should remove the contents and instead try getting the contentsfrom another URL. This is not done, and instead such a hash mismatch is onlymentioned in text and the potentially malicious content is kept in the file ondisk. CVE-2021-22922 Public Cloud Image google/sles-12-sp3-byos-v20220126:curl-7.37.0-37.70.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libcurl4-7.37.0-37.70.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N When curl is instructed to get content using the metalink feature, and a user name and password are used to download the metalink XML file, those same credentials are then subsequently passed on to each of the servers from which curl will download or try to download the contents from. Often contrary to the user's expectations and intentions and without telling the user it happened. CVE-2021-22923 Public Cloud Image google/sles-12-sp3-byos-v20220126:curl-7.37.0-37.70.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libcurl4-7.37.0-37.70.1 moderate 2.6 AV:N/AC:H/Au:N/C:P/I:N/A:N libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse, if one of them matches the setup.Due to errors in the logic, the config matching function did not take 'issuercert' into account and it compared the involved paths *case insensitively*,which could lead to libcurl reusing wrong connections.File paths are, or can be, case sensitive on many systems but not all, and caneven vary depending on used file systems.The comparison also didn't include the 'issuer cert' which a transfer can setto qualify how to verify the server certificate. CVE-2021-22924 Public Cloud Image google/sles-12-sp3-byos-v20220126:curl-7.37.0-37.70.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libcurl4-7.37.0-37.70.1 moderate 4.3 AV:N/AC:M/Au:N/C:P/I:N/A:N curl supports the `-t` command line option, known as `CURLOPT_TELNETOPTIONS`in libcurl. This rarely used option is used to send variable=content pairs toTELNET servers.Due to flaw in the option parser for sending `NEW_ENV` variables, libcurlcould be made to pass on uninitialized data from a stack based buffer to theserver. Therefore potentially revealing sensitive internal information to theserver using a clear-text network protocol.This could happen because curl did not call and use sscanf() correctly whenparsing the string provided by the application. CVE-2021-22925 Public Cloud Image google/sles-12-sp3-byos-v20220126:curl-7.37.0-37.70.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libcurl4-7.37.0-37.70.1 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N A user can tell curl >= 7.20.0 and <= 7.78.0 to require a successful upgrade to TLS when speaking to an IMAP, POP3 or FTP server (`--ssl-reqd` on the command line or`CURLOPT_USE_SSL` set to `CURLUSESSL_CONTROL` or `CURLUSESSL_ALL` withlibcurl). This requirement could be bypassed if the server would return a properly crafted but perfectly legitimate response.This flaw would then make curl silently continue its operations **withoutTLS** contrary to the instructions and expectations, exposing possibly sensitive data in clear text over the network. CVE-2021-22946 Public Cloud Image google/sles-12-sp3-byos-v20220126:curl-7.37.0-37.70.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libcurl4-7.37.0-37.70.1 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instead continue using and trustingthe responses it got *before* the TLS handshake as if they were authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker's injected data comes from the TLS-protected server. CVE-2021-22947 Public Cloud Image google/sles-12-sp3-byos-v20220126:curl-7.37.0-37.70.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libcurl4-7.37.0-37.70.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability. CVE-2021-23134 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P The package python/cpython from 0 and before 3.6.13, from 3.7.0 and before 3.7.10, from 3.8.0 and before 3.8.8, from 3.9.0 and before 3.9.2 are vulnerable to Web Cache Poisoning via urllib.parse.parse_qsl and urllib.parse.parse_qs by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configuration) and the server. This can result in malicious requests being cached as completely safe ones, as the proxy would usually not see the semicolon as a separator, and therefore would not include it in a cache key of an unkeyed parameter. CVE-2021-23336 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython2_7-1_0-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython3_4m1_0-3.4.10-25.80.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-base-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-xml-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python3-3.4.10-25.80.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:python3-base-3.4.10-25.80.2 moderate 4 AV:N/AC:H/Au:N/C:N/I:P/A:P Calls to EVP_CipherUpdate, EVP_EncryptUpdate and EVP_DecryptUpdate may overflow the output length argument in some cases where the input length is close to the maximum permissable length for an integer on the platform. In such cases the return value from the function call will be 1 (indicating success), but the output length value will be negative. This could cause applications to behave incorrectly or crash. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x). CVE-2021-23840 Public Cloud Image google/sles-12-sp3-byos-v20220126:libopenssl1_0_0-1.0.2j-60.72.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:openssl-1.0.2j-60.72.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P The OpenSSL public API function X509_issuer_and_serial_hash() attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors that may occur while parsing the issuer field (which might occur if the issuer field is maliciously constructed). This may subsequently result in a NULL pointer deref and a crash leading to a potential denial of service attack. The function X509_issuer_and_serial_hash() is never directly called by OpenSSL itself so applications are only vulnerable if they use this function directly and they use it on certificates that may have been obtained from untrusted sources. OpenSSL versions 1.1.1i and below are affected by this issue. Users of these versions should upgrade to OpenSSL 1.1.1j. OpenSSL versions 1.0.2x and below are affected by this issue. However OpenSSL 1.0.2 is out of support and no longer receiving public updates. Premium support customers of OpenSSL 1.0.2 should upgrade to 1.0.2y. Other users should upgrade to 1.1.1j. Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1i). Fixed in OpenSSL 1.0.2y (Affected 1.0.2-1.0.2x). CVE-2021-23841 Public Cloud Image google/sles-12-sp3-byos-v20220126:libopenssl1_0_0-1.0.2j-60.72.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:openssl-1.0.2j-60.72.2 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed. CVE-2021-25214 Public Cloud Image google/sles-12-sp3-byos-v20220126:bind-libs-9.9.9P1-63.31.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:bind-utils-9.9.9P1-63.31.1 moderate 4 AV:N/AC:L/Au:S/C:N/I:N/A:P In BIND 9.0.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a query for a record triggering the flaw described above, the named process will terminate due to a failed assertion check. The vulnerability affects all currently maintained BIND 9 branches (9.11, 9.11-S, 9.16, 9.16-S, 9.17) as well as all other versions of BIND 9. CVE-2021-25215 Public Cloud Image google/sles-12-sp3-byos-v20220126:bind-libs-9.9.9P1-63.31.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:bind-utils-9.9.9P1-63.31.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P In BIND 9.5.0 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.11.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch, BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting values for the tkey-gssapi-keytab or tkey-gssapi-credential configuration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. For servers that meet these conditions, the ISC SPNEGO implementation is vulnerable to various attacks, depending on the CPU architecture for which BIND was built: For named binaries compiled for 64-bit platforms, this flaw can be used to trigger a buffer over-read, leading to a server crash. For named binaries compiled for 32-bit platforms, this flaw can be used to trigger a server crash due to a buffer overflow and possibly also to achieve remote code execution. We have determined that standard SPNEGO implementations are available in the MIT and Heimdal Kerberos libraries, which support a broad range of operating systems, rendering the ISC implementation unnecessary and obsolete. Therefore, to reduce the attack surface for BIND users, we will be removing the ISC SPNEGO implementation in the April releases of BIND 9.11 and 9.16 (it had already been dropped from BIND 9.17). We would not normally remove something from a stable ESV (Extended Support Version) of BIND, but since system libraries can replace the ISC SPNEGO implementation, we have made an exception in this case for reasons of stability and security. CVE-2021-25216 Public Cloud Image google/sles-12-sp3-byos-v20220126:bind-libs-9.9.9P1-63.31.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:bind-utils-9.9.9P1-63.31.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P In ISC DHCP 4.1-ESV-R1 -> 4.1-ESV-R16, ISC DHCP 4.4.0 -> 4.4.2 (Other branches of ISC DHCP (i.e., releases in the 4.0.x series or lower and releases in the 4.3.x series) are beyond their End-of-Life (EOL) and no longer supported by ISC. From inspection it is clear that the defect is also present in releases from those series, but they have not been officially tested for the vulnerability), The outcome of encountering the defect while reading a lease that will trigger it varies, according to: the component being affected (i.e., dhclient or dhcpd) whether the package was built as a 32-bit or 64-bit binary whether the compiler flag -fstack-protection-strong was used when compiling In dhclient, ISC has not successfully reproduced the error on a 64-bit system. However, on a 32-bit system it is possible to cause dhclient to crash when reading an improper lease, which could cause network connectivity problems for an affected system due to the absence of a running DHCP client process. In dhcpd, when run in DHCPv4 or DHCPv6 mode: if the dhcpd server binary was built for a 32-bit architecture AND the -fstack-protection-strong flag was specified to the compiler, dhcpd may exit while parsing a lease file containing an objectionable lease, resulting in lack of service to clients. Additionally, the offending lease and the lease immediately following it in the lease database may be improperly deleted. if the dhcpd server binary was built for a 64-bit architecture OR if the -fstack-protection-strong compiler flag was NOT specified, the crash will not occur, but it is possible for the offending lease and the lease which immediately followed it to be improperly deleted. CVE-2021-25217 Public Cloud Image google/sles-12-sp3-byos-v20220126:dhcp-4.3.3-10.22.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:dhcp-client-4.3.3-10.22.1 important 3.3 AV:A/AC:L/Au:N/C:N/I:N/A:P In BIND 9.3.0 -> 9.11.35, 9.12.0 -> 9.16.21, and versions 9.9.3-S1 -> 9.11.35-S1 and 9.16.8-S1 -> 9.16.21-S1 of BIND Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.18 of the BIND 9.17 development branch, exploitation of broken authoritative servers using a flaw in response processing can cause degradation in BIND resolver performance. The way the lame cache is currently designed makes it possible for its internal data structures to grow almost infinitely, which may cause significant delays in client query processing. CVE-2021-25219 Public Cloud Image google/sles-12-sp3-byos-v20220126:bind-libs-9.9.9P1-63.31.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:bind-utils-9.9.9P1-63.31.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to create files as root with 0644 permissions without the ability to set the content. This issue affects: SUSE Linux Enterprise Server 11-SP4-LTSS cups versions prior to 1.3.9. SUSE Manager Server 4.0 cups versions prior to 2.2.7. SUSE OpenStack Cloud Crowbar 9 cups versions prior to 1.7.5. openSUSE Leap 15.2 cups versions prior to 2.2.7. openSUSE Factory cups version 2.3.3op2-2.1 and prior versions. CVE-2021-25317 Public Cloud Image google/sles-12-sp3-byos-v20220126:cups-libs-1.7.5-20.36.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:P/A:N An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be discarded by later processing, resulting in the caller assuming successful mapping, and hence subsequent operations trying to access space that wasn't mapped. In another case, internal state would be insufficiently updated, preventing safe recovery from the error. This affects drivers/block/xen-blkback/blkback.c. CVE-2021-26930 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors potentially being at least under the influence of guests (such as out of memory conditions), it isn't correct to assume a plain bug. Memory allocations potentially causing such crashes occur only when Linux is running in PV mode, though. This affects drivers/block/xen-blkback/blkback.c and drivers/xen/xen-scsiback.c. CVE-2021-26931 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 1.9 AV:L/AC:M/Au:N/C:N/I:N/A:P An issue was discovered in the Linux kernel 3.2 through 5.10.16, as used by Xen. Grant mapping operations often occur in batch hypercalls, where a number of operations are done in a single hypercall, the success or failure of each one is reported to the backend driver, and the backend driver then loops over the results, performing follow-up actions based on the success or failure of each operation. Unfortunately, when running in PV mode, the Linux backend drivers mishandle this: Some errors are ignored, effectively implying their success from the success of related batch elements. In other cases, errors resulting from one batch element lead to further batch elements not being inspected, and hence successful ones to not be possible to properly unmap upon error recovery. Only systems with Linux backends running in PV mode are vulnerable. Linux backends run in HVM / PVH modes are not vulnerable. This affects arch/*/xen/p2m.c and drivers/xen/gntdev.c. CVE-2021-26932 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 1.9 AV:L/AC:M/Au:N/C:N/I:N/A:P In OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, an assertion failure in slapd can occur in the issuerAndThisUpdateCheck function via a crafted packet, resulting in a denial of service (daemon exit) via a short timestamp. This is related to schema_init.c and checkTime. CVE-2021-27212 Public Cloud Image google/sles-12-sp3-byos-v20220126:libldap-2_4-2-2.4.41-18.86.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:openldap2-client-2.4.41-18.86.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P An issue was discovered in GNOME GLib before 2.66.7 and 2.67.x before 2.67.4. If g_byte_array_new_take() was called with a buffer of 4GB or more on a 64-bit platform, the length would be truncated modulo 2**32, causing unintended length truncation. CVE-2021-27218 Public Cloud Image google/sles-12-sp3-byos-v20220126:libgio-2_0-0-2.48.2-12.22.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libglib-2_0-0-2.48.2-12.22.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libgmodule-2_0-0-2.48.2-12.22.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libgobject-2_0-0-2.48.2-12.22.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P An issue was discovered in GNOME GLib before 2.66.6 and 2.67.x before 2.67.3. The function g_bytes_new has an integer overflow on 64-bit platforms due to an implicit cast from 64 bits to 32 bits. The overflow could potentially lead to memory corruption. CVE-2021-27219 Public Cloud Image google/sles-12-sp3-byos-v20220126:libgio-2_0-0-2.48.2-12.22.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libglib-2_0-0-2.48.2-12.22.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libgmodule-2_0-0-2.48.2-12.22.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libgobject-2_0-0-2.48.2-12.22.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via the sysfs file system, at /sys/class/iscsi_transport/$TRANSPORT_NAME/handle. When read, the show_transport_handle function (in drivers/scsi/scsi_transport_iscsi.c) is called, which leaks the handle. This handle is actually the pointer to an iscsi_transport struct in the kernel module's global variables. CVE-2021-27363 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 3.6 AV:L/AC:L/Au:N/C:P/I:N/A:P An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message. CVE-2021-27365 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of service may occur during misbehavior of a networking frontend driver. NOTE: this issue exists because of an incomplete fix for CVE-2021-26931. CVE-2021-28038 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base. CVE-2021-28660 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1. CVE-2021-28950 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination, aka CID-cc7a0bb058b8. CVE-2021-28972 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c. CVE-2021-29154 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when jumbo packets are used and NAPI is enabled, aka CID-d8861bab48b6. CVE-2021-29264 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service (GPF) because the stub-up sequence has race conditions during an update of the local and shared status, aka CID-9380afd6df70. CVE-2021-29265 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 4.7 AV:L/AC:M/Au:N/C:N/I:N/A:C An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, aka CID-175e476b8cdf. CVE-2021-29650 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b. CVE-2021-30002 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P LookupCol.c in X.Org X through X11R7.7 and libX11 before 1.7.1 might allow remote attackers to execute arbitrary code. The libX11 XLookupColor request (intended for server-side color lookup) contains a flaw allowing a client to send color-name requests with a name longer than the maximum size allowed by the protocol (and also longer than the maximum packet size for normal-sized packets). The user-controlled data exceeding the maximum size is then interpreted by the server as additional X protocol requests and executed, e.g., to disable X server authorization completely. For example, if the victim encounters malicious terminal control sequences for color codes, then the attacker may be able to take full control of the running graphical session. CVE-2021-31535 Public Cloud Image google/sles-12-sp3-byos-v20220126:libX11-6-1.6.2-12.21.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libX11-data-1.6.2-12.21.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character. CVE-2021-3156 Public Cloud Image google/sles-12-sp3-byos-v20220126:sudo-1.8.20p2-3.23.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C Python 3.x through 3.9.1 has a buffer overflow in PyCArg_repr in _ctypes/callproc.c, which may lead to remote code execution in certain Python applications that accept floating-point numbers as untrusted input, as demonstrated by a 1e300 argument to c_double.from_param. This occurs because sprintf is used unsafely. CVE-2021-3177 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython2_7-1_0-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-base-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-xml-2.7.18-28.77.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename. CVE-2021-31799 important 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. A malicious FTP server can use the PASV response to trick Net::FTP into connecting back to a given IP address and port. This potentially makes curl extract information about services that are otherwise private and not disclosed (e.g., the attacker can conduct port scans and service banner extractions). CVE-2021-31810 important 5 AV:N/AC:L/Au:N/C:P/I:N/A:N An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. CVE-2021-31916 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 6.1 AV:L/AC:L/Au:N/C:P/I:P/A:C Buffer overflow vulnerability in libsolv 2020-12-13 via the Solver * testcase_read(Pool *pool, FILE *fp, const char *testcase, Queue *job, char **resultp, int *resultflagsp function at src/testcase.c: line 2334, which could cause a denial of service CVE-2021-3200 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsolv-tools-0.6.38-2.36.4 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-solv-0.6.38-2.36.4 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack." CVE-2021-32066 important 5.8 AV:N/AC:M/Au:N/C:P/I:P/A:N net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. CVE-2021-32399 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value. CVE-2021-33033 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value. CVE-2021-33034 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP. CVE-2021-33560 Public Cloud Image google/sles-12-sp3-byos-v20220126:libgcrypt20-1.6.1-16.80.1 important 5 AV:N/AC:L/Au:N/C:P/I:N/A:N The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possibly unspecified other impact. CVE-2021-33574 Public Cloud Image google/sles-12-sp3-byos-v20220126:glibc-2.22-116.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:glibc-i18ndata-2.22-116.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:glibc-locale-2.22-116.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:nscd-2.22-116.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05. CVE-2021-33909 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C basic/unit-name.c in systemd prior to 246.15, 247.8, 248.5, and 249.1 has a Memory Allocation with an Excessive Size Value (involving strdupa and alloca for a pathname controlled by a local attacker) that results in an operating system crash. CVE-2021-33910 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsystemd0-228-150.98.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libudev1-228-150.98.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:systemd-228-150.98.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:systemd-sysvinit-228-150.98.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:udev-228-150.98.1 moderate 4.9 AV:L/AC:L/Au:N/C:N/I:N/A:C In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack. CVE-2021-34556 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which becomes unresponsive after this flaw is triggered. CVE-2021-3468 Public Cloud Image google/sles-12-sp3-byos-v20220126:libavahi-client3-0.6.32-32.15.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libavahi-common3-0.6.32-32.15.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized. CVE-2021-34693 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected CVE-2021-3483 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P There's a flaw in the BFD library of binutils in versions before 2.36. An attacker who supplies a crafted file to an application linked with BFD, and using the DWARF functionality, could cause an impact to system availability by way of excessive memory consumption. CVE-2021-3487 Public Cloud Image google/sles-12-sp3-byos-v20220126:binutils-2.37-9.44.1 moderate 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. CVE-2021-34981 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important There's a flaw in libxml2's xmllint in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by xmllint could trigger a use-after-free. The greatest impact of this flaw is to confidentiality, integrity, and availability. CVE-2021-3516 Public Cloud Image google/sles-12-sp3-byos-v20220126:libxml2-2-2.9.4-46.46.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application. CVE-2021-3517 Public Cloud Image google/sles-12-sp3-byos-v20220126:libxml2-2-2.9.4-46.46.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to submit a crafted file to be processed by an application linked with libxml2 could trigger a use-after-free. The greatest impact from this flaw is to confidentiality, integrity, and availability. CVE-2021-3518 Public Cloud Image google/sles-12-sp3-byos-v20220126:libxml2-2-2.9.4-46.46.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could be used to crash the application. The highest threat from this vulnerability is to system availability. CVE-2021-3537 Public Cloud Image google/sles-12-sp3-byos-v20220126:libxml2-2-2.9.4-46.46.1 important 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P A flaw was found in libxml2. Exponential entity expansion attack its possible bypassing all existing protection mechanisms and leading to denial of service. CVE-2021-3541 Public Cloud Image google/sles-12-sp3-byos-v20220126:libxml2-2-2.9.4-46.46.1 moderate 4 AV:N/AC:L/Au:S/C:N/I:N/A:P ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-42739. Reason: This candidate is a reservation duplicate of CVE-2021-42739. Notes: All CVE users should reference CVE-2021-42739 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. CVE-2021-3542 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value. CVE-2021-35477 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. CVE-2021-3560 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpolkit0-0.113-5.24.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:polkit-0.113-5.24.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service. CVE-2021-3580 Public Cloud Image google/sles-12-sp3-byos-v20220126:libnettle4-2.7.1-13.6.1 important 5 AV:N/AC:L/Au:N/C:N/I:N/A:P The wordexp function in the GNU C Library (aka glibc) through 2.33 may crash or read arbitrary memory in parse_param (in posix/wordexp.c) when called with an untrusted, crafted pattern, potentially resulting in a denial of service or disclosure of information. This occurs because atoi was used but strtoul should have been used to ensure correct calculations. CVE-2021-35942 Public Cloud Image google/sles-12-sp3-byos-v20220126:glibc-2.22-116.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:glibc-i18ndata-2.22-116.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:glibc-locale-2.22-116.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:nscd-2.22-116.1 moderate 6.4 AV:N/AC:L/Au:N/C:P/I:N/A:P .A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges. This race condition in net/can/bcm.c in the Linux kernel allows for local privilege escalation to root. CVE-2021-3609 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system. CVE-2021-3640 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7. CVE-2021-3653 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 6.1 AV:L/AC:L/Au:N/C:P/I:P/A:C A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory. CVE-2021-3655 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 low 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N A NULL pointer dereference flaw was found in the Linux kernel’s IEEE 802.15.4 wireless networking subsystem in the way the user closes the LR-WPAN connection. This flaw allows a local user to crash the system. The highest threat from this vulnerability is to system availability. CVE-2021-3659 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service. CVE-2021-3679 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y). CVE-2021-3712 Public Cloud Image google/sles-12-sp3-byos-v20220126:libopenssl1_0_0-1.0.2j-60.72.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:openssl-1.0.2j-60.72.2 moderate 5.8 AV:N/AC:M/Au:N/C:P/I:N/A:P A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled changing of classification filters, leading to a use-after-free condition. This flaw allows unprivileged local users to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2021-3715 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free. CVE-2021-37159 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P A security issue was found in Linux kernel’s OverlayFS subsystem where a local attacker who has the ability to mount the TmpFS filesystem with OverlayFS can abuse a logic bug in the overlayfs code which can inadvertently reveal files hidden in the original mount. CVE-2021-3732 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 low 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an authentication request with a specially crafted payload that is sent by the server to the client. The greatest threat that this flaw poses is to application availability. CVE-2021-3733 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython2_7-1_0-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython3_4m1_0-3.4.10-25.80.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-base-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-xml-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python3-3.4.10-25.80.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:python3-base-3.4.10-25.80.2 low 4 AV:N/AC:L/Au:S/C:N/I:N/A:P A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability. CVE-2021-3737 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython2_7-1_0-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpython3_4m1_0-3.4.10-25.80.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-base-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python-xml-2.7.18-28.77.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:python3-3.4.10-25.80.2 Public Cloud Image google/sles-12-sp3-byos-v20220126:python3-base-3.4.10-25.80.2 moderate 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2021-3752 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 7.9 AV:A/AC:M/Au:N/C:C/I:C/A:C A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality. CVE-2021-3753 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 low 1.9 AV:L/AC:M/Au:N/C:P/I:N/A:N arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. CVE-2021-37576 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability. CVE-2021-3760 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C ** DISPUTED ** An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file. NOTE: this is unexploitable in GNU C Library environments, and possibly in all realistic environments. CVE-2021-37600 Public Cloud Image google/sles-12-sp3-byos-v20220126:libblkid1-2.29.2-3.24.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libfdisk1-2.29.2-3.24.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libmount1-2.29.2-3.24.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libsmartcols1-2.29.2-3.24.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libuuid1-2.29.2-3.24.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:util-linux-2.29.2-3.24.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:util-linux-systemd-2.29.2-3.24.1 moderate 1.2 AV:L/AC:H/Au:N/C:N/I:N/A:P A flaw was found in the Linux SCTP stack. A blind attacker may be able to kill an existing SCTP association through invalid chunks if the attacker knows the IP-addresses and port numbers being used and the attacker can send packets with spoofed IP addresses. CVE-2021-3772 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 5.8 AV:N/AC:M/Au:N/C:N/I:P/A:P ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior. CVE-2021-38160 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data. CVE-2021-38185 Public Cloud Image google/sles-12-sp3-byos-v20220126:cpio-2.11-36.15.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault. CVE-2021-38198 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations. CVE-2021-38204 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-43389. Reason: This candidate is a reservation duplicate of CVE-2021-43389. Notes: All CVE users should reference CVE-2021-43389 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. CVE-2021-3896 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow. CVE-2021-39537 Public Cloud Image google/sles-12-sp3-byos-v20220126:libncurses5-5.9-75.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libncurses6-5.9-75.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:ncurses-utils-5.9-75.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:terminfo-5.9-75.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:terminfo-base-5.9-75.1 moderate 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine. CVE-2021-4034 Public Cloud Image google/sles-12-sp3-byos-v20220126:libpolkit0-0.113-5.24.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:polkit-0.113-5.24.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13. CVE-2021-40490 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with group memberships of the sshd process, if the configuration specifies running the command as a different user. CVE-2021-41617 Public Cloud Image google/sles-12-sp3-byos-v20220126:openssh-7.2p2-74.60.1 moderate 4.4 AV:L/AC:M/Au:N/C:P/I:P/A:P The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access. CVE-2021-42008 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CA_SEND_MSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2021-42739 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c. CVE-2021-43389 Public Cloud Image google/sles-12-sp3-byos-v20220126:kernel-default-4.4.180-94.150.1 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. *Note: This vulnerability does NOT impact Mozilla Firefox.* However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. This vulnerability affects NSS < 3.73 and NSS < 3.68.1. CVE-2021-43527 Public Cloud Image google/sles-12-sp3-byos-v20220126:mozilla-nss-certs-3.68.2-58.60.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P GNU Multiple Precision Arithmetic Library (GMP) through 6.2.1 has an mpz/inp_raw.c integer overflow and resultant buffer overflow via crafted input, leading to a segmentation fault on 32-bit platforms. CVE-2021-43618 Public Cloud Image google/sles-12-sp3-byos-v20220126:libgmp10-5.1.3-4.3.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory). CVE-2021-45960 Public Cloud Image google/sles-12-sp3-byos-v20220126:expat-2.1.0-21.12.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libexpat1-2.1.0-21.12.1 moderate 9 AV:N/AC:L/Au:S/C:C/I:C/A:C In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize. CVE-2021-46143 Public Cloud Image google/sles-12-sp3-byos-v20220126:expat-2.1.0-21.12.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libexpat1-2.1.0-21.12.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P addBinding in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. CVE-2022-22822 Public Cloud Image google/sles-12-sp3-byos-v20220126:expat-2.1.0-21.12.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libexpat1-2.1.0-21.12.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P build_model in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. CVE-2022-22823 Public Cloud Image google/sles-12-sp3-byos-v20220126:expat-2.1.0-21.12.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libexpat1-2.1.0-21.12.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P defineAttribute in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. CVE-2022-22824 Public Cloud Image google/sles-12-sp3-byos-v20220126:expat-2.1.0-21.12.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libexpat1-2.1.0-21.12.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P lookup in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. CVE-2022-22825 Public Cloud Image google/sles-12-sp3-byos-v20220126:expat-2.1.0-21.12.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libexpat1-2.1.0-21.12.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P nextScaffoldPart in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. CVE-2022-22826 Public Cloud Image google/sles-12-sp3-byos-v20220126:expat-2.1.0-21.12.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libexpat1-2.1.0-21.12.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P storeAtts in xmlparse.c in Expat (aka libexpat) before 2.4.3 has an integer overflow. CVE-2022-22827 Public Cloud Image google/sles-12-sp3-byos-v20220126:expat-2.1.0-21.12.1 Public Cloud Image google/sles-12-sp3-byos-v20220126:libexpat1-2.1.0-21.12.1 important 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P