openSUSE Security Update: Security update for zypper, libzypp and libsolv
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2019:1927-1
Rating:             moderate
References:         #1047962 #1049826 #1053177 #1065022 #1099019 
                    #1102261 #1110542 #1111319 #1112911 #1113296 
                    #1114908 #1115341 #1116840 #1118758 #1119373 
                    #1119820 #1119873 #1120263 #1120463 #1120629 
                    #1120630 #1120631 #1121611 #1122062 #1122471 
                    #1123137 #1123681 #1123843 #1123865 #1123967 
                    #1124897 #1125415 #1127026 #1127155 #1127220 
                    #1130161 #1131823 #1135749 #1137977 #663358 
                    #764147 #965786 #978193 #993025 
Cross-References:   CVE-2018-20532 CVE-2018-20533 CVE-2018-20534
                   
Affected Products:
                    openSUSE Leap 15.0
______________________________________________________________________________

   An update that solves three vulnerabilities and has 41
   fixes is now available.

Description:

   This update for libzypp and libsolv fixes the following issues:

   Security issues fixed:

   - CVE-2018-20532: Fixed NULL pointer dereference at ext/testcase.c
     (function testcase_read) (bsc#1120629).
   - CVE-2018-20533: Fixed NULL pointer dereference at ext/testcase.c
     (function testcase_str2dep_complex) in libsolvext.a (bsc#1120630).
   - CVE-2018-20534: Fixed illegal address access at src/pool.h (function
     pool_whatprovides) in libsolv.a (bsc#1120631).

   Fixed bugs and enhancements:

   - make cleandeps jobs on patterns work (bnc#1137977)
   - Fixed an issue where libsolv failed to build against swig 4.0 by
     updating the version to 0.7.5 (bsc#1135749).
   - Virtualization host upgrade from SLES-15 to SLES-15-SP1 finished with
     wrong product name shown up (bsc#1131823).
   - Copy pattern categories from the rpm that defines the pattern
     (fate#323785).
   - Enhance scanning /sys for modaliases (bsc#1130161).
   - Prevent SEGV if the application sets an empty TextLocale (bsc#1127026).
   - Handle libgpgme error when gpg key is not completely read and user hits
     CTRL + C (bsc#1127220).
   - Added a hint when registration codes have expired (bsc#965786).
   - Adds a better handling of an error when verifying any repository medium
     (bsc#1065022).
   - Will now only write type field when probing (bsc#1114908).
   - Fixes an issue where zypper has showed the info message 'Installation
     aborted by user' while the installation was aborted by wicked
     (bsc#978193).
   - Suppresses reporting `/memfd:` pseudo files (bsc#1123843).
   - Fixes an issue where zypper was not able to install or uninstall
     packages when rpm is unavailable (bsc#1122471).
   - Fixes an issue where locks were ignored (bsc#1113296).
   - Simplify complex locks so zypper can display them (bsc#1112911).
   - zypper will now set `SYSTEMD_OFFLINE=1` during chrooted commits
     (bsc#1118758).
   - no-recommends: Nevertheless consider resolver namespaces (hardware,
     language,..supporting packages) (fate#325513).
   - Removes world-readable bit from /var/log/zypp (bsc#1099019).
   - Does no longer fail service-refresh on a empty repoindex.xml
     (bsc#1116840).
   - Fixes soname due to libsolv ABI changes (bsc#1115341).
   - Add infrastructure to flag specific packages to trigger a reboot needed
     hint (fate#326451).

   This update for zypper 1.14.27 fixes the following issues:

   - bash-completion: add package completion for addlock (bsc#1047962)
   - bash-completion: fix incorrect detection of command names (bsc#1049826)

   - Offer to change the 'runSearchPackages' config option at the prompt
     (bsc#1119373, FATE#325599)
   - Prompt: provide a 'yes/no/always/never' prompt.
   - Prompt: support "#NUM" as answer to select the NUMth option...
   - Augeas: enable writing back changed option values (to ~/.zypper.conf)
   - removelocale: fix segfault
   - Move needs-restarting command to subpackage (fixes #254)
   - Allow empty string as argument (bsc#1125415)
   - Provide a way to delete cache for volatile repositories (bsc#1053177)
   - Adapt to boost-1.69 requiring explicit casts tribool->bool (fixes #255)
   - Show support status in info if not unknown (bsc#764147)
   - Fix installing plain rpm files with `zypper in` (bsc#1124897)
   - Show only required info in the summary in quiet mode (bsc#993025)
   - Stay with legacy behavior and return ZYPPER_EXIT_INF_REBOOT_NEEDED
     only for patches. We don't extend this return code to packages, although
      they may also carry the 'reboot-needed' attribute. The preferred way to
      test whether the system needs to be rebooted is `zypper
      needs-rebooting`. (openSUSE/zypper#237)
   - Skip repository on error (bsc#1123967)
   - New commands for locale management: locales addlocale removelocale
     Inspect and manipulate the systems `requested locales`, aka. the
     languages software packages should try support by installing
     translations, dictionaries and tools, as far as they are available.
   - Don't throw, just warn if options are repeated (bsc#1123865)
   - Fix detection whether stdout is a tty (happened too late)
   - Fix broken --plus-content switch (fixes bsc#1123681)
   - Fix broken --replacefiles switch (fixes bsc#1123137)
   - Extend zypper source-install (fixes bsc#663358)
   - Fix inconsistent results for search (bsc#1119873)
   - Show reboot hint in zypper ps and summary (fixes bsc#1120263)
   - Improve handling of partially locked packages (bsc#1113296)
   - Fix wrong default values in help text (bsc#1121611)
   - Fixed broken argument parsing for --reposd-dir (bsc#1122062)
   - Fix wrong zypp::indeterminate use (bsc#1120463)
   - CLI parser: fix broken initialization enforcing 'select by name'
     (bsc#1119820)
   - zypper.conf: [commit] autoAgreeWithLicenses {=false} (fixes #220)
   - locks: Fix printing of versioned locks (bsc#1112911)
   - locks: create and write versioned locks correctly (bsc#1112911)
   - patch: --with update may implicitly assume --with-optional (bsc#1102261)
   - no-recommends: Nevertheless consider resolver namespaces (hardware,
     language,..supporting packages) (FATE#325513)
   - Optionally run "zypper search-packages" after "search" (FATE#325599)
   - zypper.conf: Add [search]runSearchPackages config variable.
   - Don't iterate twice on --no-cd (bsc#1111319)
   - zypper-log: Make it Python 3 compatible
   - man: mention /etc/zypp/needreboot config file (fate#326451, fixes #140)
   - Add `needs-restarting` shell script and manpage (fate#326451)
   - Add zypper needs-rebooting command (fate#326451)
   - Introduce new zypper command framefork. Migrated commands so far:
     addlock addrepo addservice clean cleanlocks modifyrepo modifyservice ps
     refresh refresh-services removelock removerepo removeservice renamerepo
     repos services
   - MediaChangeReport: fix https URLs causing 2 prompts on error
     (bsc#1110542)

   This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.0:

      zypper in -t patch openSUSE-2019-1927=1



Package List:

   - openSUSE Leap 15.0 (i586 x86_64):

      PackageKit-1.1.10-lp150.11.1
      PackageKit-backend-zypp-1.1.10-lp150.11.1
      PackageKit-backend-zypp-debuginfo-1.1.10-lp150.11.1
      PackageKit-debuginfo-1.1.10-lp150.11.1
      PackageKit-debugsource-1.1.10-lp150.11.1
      PackageKit-devel-1.1.10-lp150.11.1
      PackageKit-devel-debuginfo-1.1.10-lp150.11.1
      PackageKit-gstreamer-plugin-1.1.10-lp150.11.1
      PackageKit-gstreamer-plugin-debuginfo-1.1.10-lp150.11.1
      PackageKit-gtk3-module-1.1.10-lp150.11.1
      PackageKit-gtk3-module-debuginfo-1.1.10-lp150.11.1
      libpackagekit-glib2-18-1.1.10-lp150.11.1
      libpackagekit-glib2-18-debuginfo-1.1.10-lp150.11.1
      libpackagekit-glib2-devel-1.1.10-lp150.11.1
      libyui-ncurses-pkg-debugsource-2.48.5.2-lp150.7.1
      libyui-ncurses-pkg-devel-2.48.5.2-lp150.7.1
      libyui-ncurses-pkg8-2.48.5.2-lp150.7.1
      libyui-ncurses-pkg8-debuginfo-2.48.5.2-lp150.7.1
      libyui-qt-pkg-debugsource-2.45.15.2-lp150.7.1
      libyui-qt-pkg-devel-2.45.15.2-lp150.7.1
      libyui-qt-pkg8-2.45.15.2-lp150.7.1
      libyui-qt-pkg8-debuginfo-2.45.15.2-lp150.7.1
      typelib-1_0-PackageKitGlib-1_0-1.1.10-lp150.11.1
      yast2-pkg-bindings-4.0.13-lp150.2.13.1
      yast2-pkg-bindings-debuginfo-4.0.13-lp150.2.13.1
      yast2-pkg-bindings-debugsource-4.0.13-lp150.2.13.1

   - openSUSE Leap 15.0 (x86_64):

      libpackagekit-glib2-18-32bit-1.1.10-lp150.11.1
      libpackagekit-glib2-18-32bit-debuginfo-1.1.10-lp150.11.1
      libpackagekit-glib2-devel-32bit-1.1.10-lp150.11.1
      libsolv-debuginfo-0.7.5-lp150.7.1
      libsolv-debugsource-0.7.5-lp150.7.1
      libsolv-demo-0.7.5-lp150.7.1
      libsolv-demo-debuginfo-0.7.5-lp150.7.1
      libsolv-devel-0.7.5-lp150.7.1
      libsolv-devel-debuginfo-0.7.5-lp150.7.1
      libsolv-tools-0.7.5-lp150.7.1
      libsolv-tools-debuginfo-0.7.5-lp150.7.1
      libzypp-17.12.0-lp150.2.13.1
      libzypp-debuginfo-17.12.0-lp150.2.13.1
      libzypp-debugsource-17.12.0-lp150.2.13.1
      libzypp-devel-17.12.0-lp150.2.13.1
      libzypp-devel-doc-17.12.0-lp150.2.13.1
      perl-solv-0.7.5-lp150.7.1
      perl-solv-debuginfo-0.7.5-lp150.7.1
      python-solv-0.7.5-lp150.7.1
      python-solv-debuginfo-0.7.5-lp150.7.1
      python3-solv-0.7.5-lp150.7.1
      python3-solv-debuginfo-0.7.5-lp150.7.1
      ruby-solv-0.7.5-lp150.7.1
      ruby-solv-debuginfo-0.7.5-lp150.7.1
      zypper-1.14.28-lp150.2.13.1
      zypper-debuginfo-1.14.28-lp150.2.13.1
      zypper-debugsource-1.14.28-lp150.2.13.1

   - openSUSE Leap 15.0 (noarch):

      PackageKit-branding-upstream-1.1.10-lp150.11.1
      PackageKit-lang-1.1.10-lp150.11.1
      zypper-aptitude-1.14.28-lp150.2.13.1
      zypper-log-1.14.28-lp150.2.13.1
      zypper-needs-restarting-1.14.28-lp150.2.13.1


References:

   https://www.suse.com/security/cve/CVE-2018-20532.html
   https://www.suse.com/security/cve/CVE-2018-20533.html
   https://www.suse.com/security/cve/CVE-2018-20534.html
   https://bugzilla.suse.com/1047962
   https://bugzilla.suse.com/1049826
   https://bugzilla.suse.com/1053177
   https://bugzilla.suse.com/1065022
   https://bugzilla.suse.com/1099019
   https://bugzilla.suse.com/1102261
   https://bugzilla.suse.com/1110542
   https://bugzilla.suse.com/1111319
   https://bugzilla.suse.com/1112911
   https://bugzilla.suse.com/1113296
   https://bugzilla.suse.com/1114908
   https://bugzilla.suse.com/1115341
   https://bugzilla.suse.com/1116840
   https://bugzilla.suse.com/1118758
   https://bugzilla.suse.com/1119373
   https://bugzilla.suse.com/1119820
   https://bugzilla.suse.com/1119873
   https://bugzilla.suse.com/1120263
   https://bugzilla.suse.com/1120463
   https://bugzilla.suse.com/1120629
   https://bugzilla.suse.com/1120630
   https://bugzilla.suse.com/1120631
   https://bugzilla.suse.com/1121611
   https://bugzilla.suse.com/1122062
   https://bugzilla.suse.com/1122471
   https://bugzilla.suse.com/1123137
   https://bugzilla.suse.com/1123681
   https://bugzilla.suse.com/1123843
   https://bugzilla.suse.com/1123865
   https://bugzilla.suse.com/1123967
   https://bugzilla.suse.com/1124897
   https://bugzilla.suse.com/1125415
   https://bugzilla.suse.com/1127026
   https://bugzilla.suse.com/1127155
   https://bugzilla.suse.com/1127220
   https://bugzilla.suse.com/1130161
   https://bugzilla.suse.com/1131823
   https://bugzilla.suse.com/1135749
   https://bugzilla.suse.com/1137977
   https://bugzilla.suse.com/663358
   https://bugzilla.suse.com/764147
   https://bugzilla.suse.com/965786
   https://bugzilla.suse.com/978193
   https://bugzilla.suse.com/993025

--

openSUSE: 2019:1927-1: moderate: zypper, libzypp and libsolv

August 18, 2019
An update that solves three vulnerabilities and has 41 fixes is now available.

Description

This update for libzypp and libsolv fixes the following issues: Security issues fixed: - CVE-2018-20532: Fixed NULL pointer dereference at ext/testcase.c (function testcase_read) (bsc#1120629). - CVE-2018-20533: Fixed NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a (bsc#1120630). - CVE-2018-20534: Fixed illegal address access at src/pool.h (function pool_whatprovides) in libsolv.a (bsc#1120631). Fixed bugs and enhancements: - make cleandeps jobs on patterns work (bnc#1137977) - Fixed an issue where libsolv failed to build against swig 4.0 by updating the version to 0.7.5 (bsc#1135749). - Virtualization host upgrade from SLES-15 to SLES-15-SP1 finished with wrong product name shown up (bsc#1131823). - Copy pattern categories from the rpm that defines the pattern (fate#323785). - Enhance scanning /sys for modaliases (bsc#1130161). - Prevent SEGV if the application sets an empty TextLocale (bsc#1127026). - Handle libgpgme error when gpg key is not completely read and user hits CTRL + C (bsc#1127220). - Added a hint when registration codes have expired (bsc#965786). - Adds a better handling of an error when verifying any repository medium (bsc#1065022). - Will now only write type field when probing (bsc#1114908). - Fixes an issue where zypper has showed the info message 'Installation aborted by user' while the installation was aborted by wicked (bsc#978193). - Suppresses reporting `/memfd:` pseudo files (bsc#1123843). - Fixes an issue where zypper was not able to install or uninstall packages when rpm is unavailable (bsc#1122471). - Fixes an issue where locks were ignored (bsc#1113296). - Simplify complex locks so zypper can display them (bsc#1112911). - zypper will now set `SYSTEMD_OFFLINE=1` during chrooted commits (bsc#1118758). - no-recommends: Nevertheless consider resolver namespaces (hardware, language,..supporting packages) (fate#325513). - Removes world-readable bit from /var/log/zypp (bsc#1099019). - Does no longer fail service-refresh on a empty repoindex.xml (bsc#1116840). - Fixes soname due to libsolv ABI changes (bsc#1115341). - Add infrastructure to flag specific packages to trigger a reboot needed hint (fate#326451). This update for zypper 1.14.27 fixes the following issues: - bash-completion: add package completion for addlock (bsc#1047962) - bash-completion: fix incorrect detection of command names (bsc#1049826) - Offer to change the 'runSearchPackages' config option at the prompt (bsc#1119373, FATE#325599) - Prompt: provide a 'yes/no/always/never' prompt. - Prompt: support "#NUM" as answer to select the NUMth option... - Augeas: enable writing back changed option values (to ~/.zypper.conf) - removelocale: fix segfault - Move needs-restarting command to subpackage (fixes #254) - Allow empty string as argument (bsc#1125415) - Provide a way to delete cache for volatile repositories (bsc#1053177) - Adapt to boost-1.69 requiring explicit casts tribool->bool (fixes #255) - Show support status in info if not unknown (bsc#764147) - Fix installing plain rpm files with `zypper in` (bsc#1124897) - Show only required info in the summary in quiet mode (bsc#993025) - Stay with legacy behavior and return ZYPPER_EXIT_INF_REBOOT_NEEDED only for patches. We don't extend this return code to packages, although they may also carry the 'reboot-needed' attribute. The preferred way to test whether the system needs to be rebooted is `zypper needs-rebooting`. (openSUSE/zypper#237) - Skip repository on error (bsc#1123967) - New commands for locale management: locales addlocale removelocale Inspect and manipulate the systems `requested locales`, aka. the languages software packages should try support by installing translations, dictionaries and tools, as far as they are available. - Don't throw, just warn if options are repeated (bsc#1123865) - Fix detection whether stdout is a tty (happened too late) - Fix broken --plus-content switch (fixes bsc#1123681) - Fix broken --replacefiles switch (fixes bsc#1123137) - Extend zypper source-install (fixes bsc#663358) - Fix inconsistent results for search (bsc#1119873) - Show reboot hint in zypper ps and summary (fixes bsc#1120263) - Improve handling of partially locked packages (bsc#1113296) - Fix wrong default values in help text (bsc#1121611) - Fixed broken argument parsing for --reposd-dir (bsc#1122062) - Fix wrong zypp::indeterminate use (bsc#1120463) - CLI parser: fix broken initialization enforcing 'select by name' (bsc#1119820) - zypper.conf: [commit] autoAgreeWithLicenses {=false} (fixes #220) - locks: Fix printing of versioned locks (bsc#1112911) - locks: create and write versioned locks correctly (bsc#1112911) - patch: --with update may implicitly assume --with-optional (bsc#1102261) - no-recommends: Nevertheless consider resolver namespaces (hardware, language,..supporting packages) (FATE#325513) - Optionally run "zypper search-packages" after "search" (FATE#325599) - zypper.conf: Add [search]runSearchPackages config variable. - Don't iterate twice on --no-cd (bsc#1111319) - zypper-log: Make it Python 3 compatible - man: mention /etc/zypp/needreboot config file (fate#326451, fixes #140) - Add `needs-restarting` shell script and manpage (fate#326451) - Add zypper needs-rebooting command (fate#326451) - Introduce new zypper command framefork. Migrated commands so far: addlock addrepo addservice clean cleanlocks modifyrepo modifyservice ps refresh refresh-services removelock removerepo removeservice renamerepo repos services - MediaChangeReport: fix https URLs causing 2 prompts on error (bsc#1110542) This update was imported from the SUSE:SLE-15:Update update project.

 

Patch

Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.0: zypper in -t patch openSUSE-2019-1927=1


Package List

- openSUSE Leap 15.0 (i586 x86_64): PackageKit-1.1.10-lp150.11.1 PackageKit-backend-zypp-1.1.10-lp150.11.1 PackageKit-backend-zypp-debuginfo-1.1.10-lp150.11.1 PackageKit-debuginfo-1.1.10-lp150.11.1 PackageKit-debugsource-1.1.10-lp150.11.1 PackageKit-devel-1.1.10-lp150.11.1 PackageKit-devel-debuginfo-1.1.10-lp150.11.1 PackageKit-gstreamer-plugin-1.1.10-lp150.11.1 PackageKit-gstreamer-plugin-debuginfo-1.1.10-lp150.11.1 PackageKit-gtk3-module-1.1.10-lp150.11.1 PackageKit-gtk3-module-debuginfo-1.1.10-lp150.11.1 libpackagekit-glib2-18-1.1.10-lp150.11.1 libpackagekit-glib2-18-debuginfo-1.1.10-lp150.11.1 libpackagekit-glib2-devel-1.1.10-lp150.11.1 libyui-ncurses-pkg-debugsource-2.48.5.2-lp150.7.1 libyui-ncurses-pkg-devel-2.48.5.2-lp150.7.1 libyui-ncurses-pkg8-2.48.5.2-lp150.7.1 libyui-ncurses-pkg8-debuginfo-2.48.5.2-lp150.7.1 libyui-qt-pkg-debugsource-2.45.15.2-lp150.7.1 libyui-qt-pkg-devel-2.45.15.2-lp150.7.1 libyui-qt-pkg8-2.45.15.2-lp150.7.1 libyui-qt-pkg8-debuginfo-2.45.15.2-lp150.7.1 typelib-1_0-PackageKitGlib-1_0-1.1.10-lp150.11.1 yast2-pkg-bindings-4.0.13-lp150.2.13.1 yast2-pkg-bindings-debuginfo-4.0.13-lp150.2.13.1 yast2-pkg-bindings-debugsource-4.0.13-lp150.2.13.1 - openSUSE Leap 15.0 (x86_64): libpackagekit-glib2-18-32bit-1.1.10-lp150.11.1 libpackagekit-glib2-18-32bit-debuginfo-1.1.10-lp150.11.1 libpackagekit-glib2-devel-32bit-1.1.10-lp150.11.1 libsolv-debuginfo-0.7.5-lp150.7.1 libsolv-debugsource-0.7.5-lp150.7.1 libsolv-demo-0.7.5-lp150.7.1 libsolv-demo-debuginfo-0.7.5-lp150.7.1 libsolv-devel-0.7.5-lp150.7.1 libsolv-devel-debuginfo-0.7.5-lp150.7.1 libsolv-tools-0.7.5-lp150.7.1 libsolv-tools-debuginfo-0.7.5-lp150.7.1 libzypp-17.12.0-lp150.2.13.1 libzypp-debuginfo-17.12.0-lp150.2.13.1 libzypp-debugsource-17.12.0-lp150.2.13.1 libzypp-devel-17.12.0-lp150.2.13.1 libzypp-devel-doc-17.12.0-lp150.2.13.1 perl-solv-0.7.5-lp150.7.1 perl-solv-debuginfo-0.7.5-lp150.7.1 python-solv-0.7.5-lp150.7.1 python-solv-debuginfo-0.7.5-lp150.7.1 python3-solv-0.7.5-lp150.7.1 python3-solv-debuginfo-0.7.5-lp150.7.1 ruby-solv-0.7.5-lp150.7.1 ruby-solv-debuginfo-0.7.5-lp150.7.1 zypper-1.14.28-lp150.2.13.1 zypper-debuginfo-1.14.28-lp150.2.13.1 zypper-debugsource-1.14.28-lp150.2.13.1 - openSUSE Leap 15.0 (noarch): PackageKit-branding-upstream-1.1.10-lp150.11.1 PackageKit-lang-1.1.10-lp150.11.1 zypper-aptitude-1.14.28-lp150.2.13.1 zypper-log-1.14.28-lp150.2.13.1 zypper-needs-restarting-1.14.28-lp150.2.13.1


References

https://www.suse.com/security/cve/CVE-2018-20532.html https://www.suse.com/security/cve/CVE-2018-20533.html https://www.suse.com/security/cve/CVE-2018-20534.html https://bugzilla.suse.com/1047962 https://bugzilla.suse.com/1049826 https://bugzilla.suse.com/1053177 https://bugzilla.suse.com/1065022 https://bugzilla.suse.com/1099019 https://bugzilla.suse.com/1102261 https://bugzilla.suse.com/1110542 https://bugzilla.suse.com/1111319 https://bugzilla.suse.com/1112911 https://bugzilla.suse.com/1113296 https://bugzilla.suse.com/1114908 https://bugzilla.suse.com/1115341 https://bugzilla.suse.com/1116840 https://bugzilla.suse.com/1118758 https://bugzilla.suse.com/1119373 https://bugzilla.suse.com/1119820 https://bugzilla.suse.com/1119873 https://bugzilla.suse.com/1120263 https://bugzilla.suse.com/1120463 https://bugzilla.suse.com/1120629 https://bugzilla.suse.com/1120630 https://bugzilla.suse.com/1120631 https://bugzilla.suse.com/1121611 https://bugzilla.suse.com/1122062 https://bugzilla.suse.com/1122471 https://bugzilla.suse.com/1123137 https://bugzilla.suse.com/1123681 https://bugzilla.suse.com/1123843 https://bugzilla.suse.com/1123865 https://bugzilla.suse.com/1123967 https://bugzilla.suse.com/1124897 https://bugzilla.suse.com/1125415 https://bugzilla.suse.com/1127026 https://bugzilla.suse.com/1127155 https://bugzilla.suse.com/1127220 https://bugzilla.suse.com/1130161 https://bugzilla.suse.com/1131823 https://bugzilla.suse.com/1135749 https://bugzilla.suse.com/1137977 https://bugzilla.suse.com/663358 https://bugzilla.suse.com/764147 https://bugzilla.suse.com/965786 https://bugzilla.suse.com/978193 https://bugzilla.suse.com/993025--


Severity
Announcement ID: openSUSE-SU-2019:1927-1
Rating: moderate
Affected Products: openSUSE Leap 15.0 le.

Related News

19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved