<?xml version="1.0" encoding="UTF-8"?>
<cvrfdoc xmlns="http://www.icasi.org/CVRF/schema/cvrf/1.1" xmlns:cvrf="http://www.icasi.org/CVRF/schema/cvrf/1.1">
  <DocumentTitle xml:lang="en">SUSE-IU-2024:431-1</DocumentTitle>
  <DocumentType>SUSE Image</DocumentType>
  <DocumentPublisher Type="Vendor">
    <ContactDetails>security@suse.de</ContactDetails>
    <IssuingAuthority>SUSE Security Team</IssuingAuthority>
  </DocumentPublisher>
  <DocumentTracking>
    <Identification>
      <ID>SUSE Image SUSE-IU-2024:431-1</ID>
    </Identification>
    <Status>Interim</Status>
    <Version>1</Version>
    <RevisionHistory>
      <Revision>
        <Number>1</Number>
        <Date>2024-11-27T15:04:29Z</Date>
        <Description>current</Description>
      </Revision>
    </RevisionHistory>
    <InitialReleaseDate>2024-04-11T01:00:00Z</InitialReleaseDate>
    <CurrentReleaseDate>2024-04-11T01:00:00Z</CurrentReleaseDate>
    <Generator>
      <Engine>cve-database/bin/generate-cvrf-publiccloud.pl</Engine>
      <Date>2021-02-18T01:00:00Z</Date>
    </Generator>
  </DocumentTracking>
  <DocumentNotes>
    <Note Title="Topic" Type="Summary" Ordinal="1" xml:lang="en">Image update for SUSE-IU-2024:431-1 / google/suse-liberty-linux-8-9-byos-v20240411-x86-64</Note>
    <Note Title="Details" Type="General" Ordinal="2" xml:lang="en">This image update for google/suse-liberty-linux-8-9-byos-v20240411-x86-64 contains the following changes:
Package newt was updated:

Package udisks2 was updated:

- iscsi: Fix login on firmware-discovered nodes (#2213193)
- tests: Extend iscsi method call timeouts (#2213715)

Package popt was updated:

- Rebase to popt 1.18 (https://github.com/rpm-software-management/popt/releases/tag/popt-1.18-release)
- Update URLs to rebooted upstream
- Clean up ancient cruft from spec, use modern build macros

Package pcre was updated:

Package audit-libs was updated:

- Introduce new fanotify record fields
Resolves: rhbz#2216668
- invalid use of flexible array member
Resolves: rhbz#2116867

Package dmidecode was updated:

Package nftables was updated:

Package libpcap was updated:

Package crypto-policies was updated:

- krb5: sort enctypes mac-first, cipher-second, prioritize SHA-2 ones
- krb5: fix policy generator to account for macs
- docs: replace `FIPS 140-2` with just `FIPS 140`

Package chkconfig was updated:

- alternatives: --keep-foreign incorrectly handles non-existent files
- alternatives: isLink should return 0 in case of lstat error
- spec: Replace not working awk command with sed (#63)

Package polkit-pkla-compat was updated:

Package libgcc was updated:

Package python3-unbound was updated:

Package dbus-tools was updated:

Package libattr was updated:

Package libzstd was updated:

- Rebase to 1.4.4
  Resolves: 1807452

Package libblockdev-fs was updated:

- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660

Package e2fsprogs was updated:

- Update e2fsprogs with upstream fixes and improvements (#2083621)
- Fix out-of-bounds read/write via crafted filesystem (#2073548)

Package elfutils-libs was updated:

- Add elfutils-0.189-elf_getdata_rawchunk.patch
- Add elfutils-0.189-debuginfod_config_cache-double-close.patch

Package dnf was updated:

Package gce-disk-expand was updated:

Package gnutls was updated:

Package google-compute-engine-oslogin was updated:

Package libdb-utils was updated:

- Apply the previous change only on aarch64 to limit the risk of unwanted impact
- Resolves: #1992402

Package dhcp-libs was updated:

Package libblockdev-crypto was updated:

- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660

Package libsemanage was updated:

Package geolite2-city was updated:

Package efibootmgr was updated:

- efibootmgr 16
- better coverity and clang-analyzer support
- better CI
- minor fixes

Package libtirpc was updated:

- rpcb_clnt.c add mechanism to try v2 protocol first (bz 2107650)
- Multithreaded cleanup (bz 2112116)

Package policycoreutils was updated:

Package elfutils-libelf was updated:

- Add elfutils-0.189-elf_getdata_rawchunk.patch
- Add elfutils-0.189-debuginfod_config_cache-double-close.patch

Package rpm-libs was updated:

- Backport file handling code from rpm-4.19 to fix CVE-2021-35937, CVE-2021-35938 and CVE-2021-35939

Package google-guest-agent was updated:

Package libreport-filesystem was updated:

Package libdb was updated:

- Apply the previous change only on aarch64 to limit the risk of unwanted impact
- Resolves: #1992402

Package rpm was updated:

- Backport file handling code from rpm-4.19 to fix CVE-2021-35937, CVE-2021-35938 and CVE-2021-35939

Package polkit-libs was updated:

- pkttyagent gets stopped if killed in the background
- Resolves: rhbz#2128989

Package libidn2 was updated:

- Update to 2.2.0 (#1674201)
- Drop obsolete scriptlets

Package libblockdev-swap was updated:

- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660

Package libgpg-error was updated:

Package pigz was updated:

Package rpm-plugin-selinux was updated:

- Backport file handling code from rpm-4.19 to fix CVE-2021-35937, CVE-2021-35938 and CVE-2021-35939

Package rpm-build-libs was updated:

- Backport file handling code from rpm-4.19 to fix CVE-2021-35937, CVE-2021-35938 and CVE-2021-35939

Package platform-python was updated:

- Security fix for CVE-2023-27043
  Resolves: RHEL-5563

Package nvme-cli was updated:

Package hardlink was updated:

Package python3-pip was updated:

- Require Python with tarfile filters
  Resolves: RHEL-25449

Package dbus-glib was updated:

Package procps-ng was updated:

- CVE-2023-4016: ps: possible buffer overflow
- Resolves: rhbz#2228503

Package plymouth was updated:

Package python3-libdnf was updated:

Package shadow-utils was updated:

Package libunistring was updated:

- Fix invalid license tag
- Resolves: rhbz#1611728

Package keyutils-libs was updated:

Package rubygem-json was updated:

Package sg3_utils was updated:

Package nspr was updated:

Package openssh was updated:

- Fix Terrapin attack
  Resolves: RHEL-19762

Package libpsl was updated:

Package hwdata was updated:

- Update pci, usb and vendor ids
  Resolves: #2169697

Package python3-linux-procfs was updated:

- Rebase to upstream version python-linux-procfs-0.7.1
  Resolves: rhbz#2121522

Package device-mapper-libs was updated:

Package rootfiles was updated:

Package libselinux was updated:

Package NetworkManager-tui was updated:

Package tar was updated:

- Fix CVE-2022-48303
- Resolves: CVE-2022-48303

Package libblockdev-mdraid was updated:

- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660

Package libsss_autofs was updated:

Package tpm2-tss was updated:

- Ensure layer number is in bounds
  Resolves: rhbz#2160302
  Resolves: rhbz#2162611

Package libxmlb was updated:

Package libnsl2 was updated:

- Update to 1.2.0-2.20181605git4a062cf
  Resolves: rhbz#1573895

Package iwl105-firmware was updated:

- Move amd-ucode README to docs directory due to dracut issue (RHEL-16800)
- Update AMD cpu microcode from upstream 06afd7f939c5 (RHEL-16783)
- Update amd-ucode/README from upstream d252e92d50c0 (RHEL-16783)
- Revert 'Exclude AMD cpu ucode for fam19/*cpuid_0x00aa0f0*'
Resolves: RHEL-16783, RHEL-16800

Package libestr was updated:

- Rebuild due to the following message: libestr-0.1.10-2.el8 has already been built
  resolves: rhbz#2056293

Package kbd was updated:

- Fix vlock when console or terminal is closed abruptly
  Resolves: #2178798

Package nss-softokn-freebl was updated:

Package libteam was updated:

- teamd: do not remove the ports on shutdown with -N [2148856]
- teamd: stop iterating callbacks when a loop restart is requested [2148855]

Package libstdc++ was updated:

Package p11-kit was updated:

- Rebase to 0.23.22 to fix memory safety issues (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363)
- Preserve DT_NEEDED information from the previous version, flagged by rpmdiff
- Add xsltproc to BR

Package gnupg2 was updated:

Package lz4-libs was updated:

- Fix memory corruption due to an integer overflow
  Resolves: CVE-2021-3520

Package dbus-common was updated:

Package ipset was updated:

- Rebase to 7.1 (RHBZ#1649090):
  - Add compatibility support for strscpy()
  - Correct the manpage about the sort option
  - Add missing functions to libipset.map
  - configure.ac: Fix build regression on RHEL/CentOS/SL (Serhey Popovych)
  - Implement sorting for hash types in the ipset tool
  - Fix to list/save into file specified by option (reported by Isaac Good)
  - Introduction of new commands and protocol version 7, updated kernel include files
  - Add compatibility support for async in pernet_operations
  - Use more robust awk patterns to check for backward compatibility
  - Prepare the ipset tool to handle multiple protocol version
  - Fix warning message handling
  - Correct to test null valued entry in hash:net6,port,net6 test
  - Library reworked to support embedding ipset completely
  - Add compatibility to support kvcalloc()
  - Validate string type attributes in attr2data() (Stefano Brivio)
  - manpage: Add comment about matching on destination MAC address (Stefano Brivio)
    (RHBZ#1649079)
  - Add compatibility to support is_zero_ether_addr()
  - Fix use-after-free in ipset_parse_name_compat() (Stefano Brivio) (RHBZ#1649085)
  - Fix leak in build_argv() on line parsing error (Stefano Brivio) (RHBZ#1649085)
  - Simplify return statement in ipset_mnl_query() (Stefano Brivio) (RHBZ#1649085)
  - tests/check_klog.sh: Try dmesg too, don't let shell terminate script (Stefano Brivio) 
- Fixes:
  - Fix all shellcheck warnings in init script (RHBZ#1649085)
  - Make error reporting consistent, introduce different severities (RHBZ#1683711)
  - While restoring, on invalid entries, remove them and retry (RHBZ#1683713)
  - Fix covscan SC2166 warning in init script (RHBZ#1649085)

Package libsss_idmap was updated:

Package dhcp-common was updated:

Package nss was updated:

Package NetworkManager-libnm was updated:

Package libref_array was updated:

Package libss was updated:

- Update e2fsprogs with upstream fixes and improvements (#2083621)
- Fix out-of-bounds read/write via crafted filesystem (#2073548)

Package volume_key-libs was updated:

- Make volume_key working in FIPS mode
  Resolves: #2143223

Package libnl3-cli was updated:

Package libuuid was updated:

Package readline was updated:

Package libcom_err was updated:

- Update e2fsprogs with upstream fixes and improvements (#2083621)
- Fix out-of-bounds read/write via crafted filesystem (#2073548)

Package cronie was updated:

Package iptables-ebtables was updated:

- iptables-restore: Drop dead code
- iptables-apply: Eliminate shellcheck warnings
- ebtables: Exit gracefully on invalid table names

Package plymouth-scripts was updated:

Package libcomps was updated:

- Update to 0.1.18
- Fix issues detected by static analyzers
- Remove Python 2 support

Package os-prober was updated:

- Another build but with a gating.yaml to allow leaving gating
  Resolves: rhbz#1624158

Package xz was updated:

- Fix arbitrary file write vulnerability
  Resolves: CVE-2022-1271

Package cpio was updated:

Package rubygem-did_you_mean was updated:

Package bzip2-libs was updated:

Package libmodman was updated:

Package filesystem was updated:

- Make /proc and /sys ghost to workaround issue in container
- Revert restorecon change

Package libedit was updated:

- Add gcc BR
- Build verbosely
- Drop obsolete --enable-widec configure option
- Fix &quot;unused direct shared library dependency&quot; warning from rpmlint again
- Fix man page error due to BSD nroff macro that is not available on Linux
- Drop explicit R on pkgconfig from the -devel package, autogenerated

Package libmaxminddb was updated:

Package glibc-langpack-en was updated:

Package ipset-libs was updated:

- Rebase to 7.1 (RHBZ#1649090):
  - Add compatibility support for strscpy()
  - Correct the manpage about the sort option
  - Add missing functions to libipset.map
  - configure.ac: Fix build regression on RHEL/CentOS/SL (Serhey Popovych)
  - Implement sorting for hash types in the ipset tool
  - Fix to list/save into file specified by option (reported by Isaac Good)
  - Introduction of new commands and protocol version 7, updated kernel include files
  - Add compatibility support for async in pernet_operations
  - Use more robust awk patterns to check for backward compatibility
  - Prepare the ipset tool to handle multiple protocol version
  - Fix warning message handling
  - Correct to test null valued entry in hash:net6,port,net6 test
  - Library reworked to support embedding ipset completely
  - Add compatibility to support kvcalloc()
  - Validate string type attributes in attr2data() (Stefano Brivio)
  - manpage: Add comment about matching on destination MAC address (Stefano Brivio)
    (RHBZ#1649079)
  - Add compatibility to support is_zero_ether_addr()
  - Fix use-after-free in ipset_parse_name_compat() (Stefano Brivio) (RHBZ#1649085)
  - Fix leak in build_argv() on line parsing error (Stefano Brivio) (RHBZ#1649085)
  - Simplify return statement in ipset_mnl_query() (Stefano Brivio) (RHBZ#1649085)
  - tests/check_klog.sh: Try dmesg too, don't let shell terminate script (Stefano Brivio) 
- Fixes:
  - Fix all shellcheck warnings in init script (RHBZ#1649085)
  - Make error reporting consistent, introduce different severities (RHBZ#1683711)
  - While restoring, on invalid entries, remove them and retry (RHBZ#1683713)
  - Fix covscan SC2166 warning in init script (RHBZ#1649085)

Package gzip was updated:

- fix an arbitrary-file-write vulnerability in zgrep
  Resolves: CVE-2022-1271

Package libmodulemd was updated:

Package libfdisk was updated:

Package bash was updated:

- Fix a crash in buffered_getchar() function
  Resolves: #2062291

Package glibc was updated:

Package libnfnetlink was updated:

Package file was updated:

Package lua-libs was updated:

Package libcurl was updated:

Package trousers was updated:

- Rebase to 0.3.15
- Fix CVE-2020-24330 CVE-2020-24331 CVE-2020-24332
resolves: rhbz#1725782 rhbz#1877517 rhbz#1882402 rhbz#1882414

Package python3-setuptools was updated:

- Security fix for CVE-2022-40897
  Resolves: rhbz#2158559

Package coreutils-common was updated:

Package libsecret was updated:

- Update to 0.18.6
- Use valgrind_arches macro instead of hardcoding valgrind arch list

Package NetworkManager-team was updated:

Package iptables-libs was updated:

- iptables-restore: Drop dead code
- iptables-apply: Eliminate shellcheck warnings
- ebtables: Exit gracefully on invalid table names

Package libcap-ng was updated:

Package libnl3 was updated:

Package chrony was updated:

- update to 4.2 (#2062356)
- fix chrony-helper to delete sources by their original name (#2061660)
- update ntp2chrony script (#2018045 #2063766)

Package gdisk was updated:

- Fix double byteswap on big-endian systems also while reading partition names
  resolves: #2065205

Package librepo was updated:

- Fix termination of va_list in lr_metadatatarget_append_error()
- Detailed error message when using non-existing TMPDIR

Package glibc-gconv-extra was updated:

Package nss-util was updated:

Package openssl was updated:

Package rubygems was updated:

Package firewalld was updated:

Package libgcrypt was updated:

Package libmnl was updated:

Package krb5-libs was updated:

Package coreutils was updated:

Package python3-gpg was updated:

- Update pkgconfig files
  Related: #1953905

Package trousers-lib was updated:

- Rebase to 0.3.15
- Fix CVE-2020-24330 CVE-2020-24331 CVE-2020-24332
resolves: rhbz#1725782 rhbz#1877517 rhbz#1882402 rhbz#1882414

Package publicsuffix-list-dafsa was updated:

Package rubygem-psych was updated:

Package ruby was updated:

Package kpartx was updated:

- Add OSCI tests directory
- Make kpartx_id installation location relative to /usr/lib/udev/rules.d
- Resolves: bz #2164871

Package util-linux was updated:

Package xkeyboard-config was updated:

Package expat was updated:

- CVE-2023-52425 expat: parsing large tokens can trigger a denial of service
- Resolves: RHEL-29320

Package dbus-daemon was updated:

Package iwl7260-firmware was updated:

- Move amd-ucode README to docs directory due to dracut issue (RHEL-16800)
- Update AMD cpu microcode from upstream 06afd7f939c5 (RHEL-16783)
- Update amd-ucode/README from upstream d252e92d50c0 (RHEL-16783)
- Revert 'Exclude AMD cpu ucode for fam19/*cpuid_0x00aa0f0*'
Resolves: RHEL-16783, RHEL-16800

Package iproute was updated:

Package libxcrypt was updated:

+ libxcrypt-4.1.1-6
- Rebuilt with fixed binutils (#1954438)

Package jansson was updated:

- Rebase to 2.14
  Related: rhbz#2001062

Package libkcapi was updated:

Package libsysfs was updated:

Package libgomp was updated:

Package python3-dateutil was updated:

Package shim-x64 was updated:

Package libssh-config was updated:

- Fix CVE-2023-48795: Prefix truncation attack on Binary Packet Protocol (BPP)
- Resolves: RHEL-19311

Package man-db was updated:

- schedule interrupted cache update for the next boot, instead of blocking system reboot/shutdown
  resolves #1874010

Package yum was updated:

Package gmp was updated:

- Add gating.yaml
  Related: #1681026

Package iwl135-firmware was updated:

- Move amd-ucode README to docs directory due to dracut issue (RHEL-16800)
- Update AMD cpu microcode from upstream 06afd7f939c5 (RHEL-16783)
- Update amd-ucode/README from upstream d252e92d50c0 (RHEL-16783)
- Revert 'Exclude AMD cpu ucode for fam19/*cpuid_0x00aa0f0*'
Resolves: RHEL-16783, RHEL-16800

Package gawk was updated:

- Rebuild with some gating tests disabled
  Resolves: rhbz#2053515

Package teamd was updated:

- teamd: do not remove the ports on shutdown with -N [2148856]
- teamd: stop iterating callbacks when a loop restart is requested [2148855]

Package logrotate was updated:

Package gettext-libs was updated:

Package libassuan was updated:

Package elfutils-debuginfod-client was updated:

- Add elfutils-0.189-elf_getdata_rawchunk.patch
- Add elfutils-0.189-debuginfod_config_cache-double-close.patch

Package gettext was updated:

Package dnf-automatic was updated:

Package libgusb was updated:

- New upstream version
- Port to the Meson build system

Package timedatex was updated:

Package kernel-core was updated:

Package acl was updated:

Package kernel-modules was updated:

Package json-glib was updated:

Package python3-dnf-plugins-core was updated:

Package libblockdev-loop was updated:

- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660

Package libsmartcols was updated:

Package prefixdevname was updated:

Package libarchive was updated:

Package libgudev was updated:

+ libgudev-232-4
- Remove umockdev dependency

Package python3-slip was updated:

Package bubblewrap was updated:

Package sssd-common was updated:

Package grub2-tools-minimal was updated:

Package xz-libs was updated:

- Fix arbitrary file write vulnerability
  Resolves: CVE-2022-1271

Package grep was updated:

- Fixed FTBFS with glibc-2.28
  Resolves: rhbz#1611721

Package vim-minimal was updated:

Package psmisc was updated:

- pstree -al incorrectly handles large empty cmdline
- Resolves: rhbz#1715509

Package python3-dnf was updated:

Package libksba was updated:

Package file-libs was updated:

Package vim-filesystem was updated:

Package libkcapi-hmaccalc was updated:

Package gnupg2-smime was updated:

Package lsscsi was updated:

Package cyrus-sasl-lib was updated:

- Fix for CVE-2022-24407
- Resolves: rhbz#2055846

Package unbound-libs was updated:

Package libutempter was updated:

- build with hardening LDFLAGS (#1548717)
- remove obsolete macro and comments
- add gcc to build requirements

Package which was updated:

Package kmod-libs was updated:

- depmod: fix parallel execution issues
  Resolves: rhbz#2026938

Package basesystem was updated:

Package libpng was updated:

Package python3-decorator was updated:

Package sssd-kcm was updated:

Package gdbm was updated:

- Add backward compatibility patch
- Resolves: #2097704
- Backport from upstream commit: 00ba17479ff31c6825f0e6f28b965f11525e83f6

Package gpgme was updated:

- Update pkgconfig files
  Related: #1953905

Package libsss_sudo was updated:

Package python3-firewall was updated:

Package python3-perf was updated:

Package gdbm-libs was updated:

- Add backward compatibility patch
- Resolves: #2097704
- Backport from upstream commit: 00ba17479ff31c6825f0e6f28b965f11525e83f6

Package langpacks-en was updated:

Package libblockdev-part was updated:

- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660

Package libuser was updated:

- Man-page update
- Resolves: rhbz#2070941 - small typo in lchage man page

Package nss-softokn was updated:

Package rng-tools was updated:

- Update rng-tools to v6.16 @ 0e560296 (bz 2174908)
- Get rid of text relocations in -fPIE build
- Add a hint for opensc package (bz 1845854)

Package squashfs-tools was updated:

- rhbz#1895017 - unsquashfs does not preserve file capabilities
  rhbz#1754815 - Kdump: Building kdump initramfs img may fail with 'dracut: Failed making squash image' occasionally
  Resolves: rhbz#1895017, rhbz#1754815

Package device-mapper was updated:

Package libnetfilter_conntrack was updated:

Package iwl2030-firmware was updated:

- Move amd-ucode README to docs directory due to dracut issue (RHEL-16800)
- Update AMD cpu microcode from upstream 06afd7f939c5 (RHEL-16783)
- Update amd-ucode/README from upstream d252e92d50c0 (RHEL-16783)
- Revert 'Exclude AMD cpu ucode for fam19/*cpuid_0x00aa0f0*'
Resolves: RHEL-16783, RHEL-16800

Package rubygem-bigdecimal was updated:

Package libacl was updated:

Package c-ares was updated:

Package glibc-common was updated:

Package libsepol was updated:

- cil: Fix out-of-bound read of file context pattern ending with &quot;\&quot;
- cil: Destroy classperms list when resetting classpermission (#1983517)
- cil: Destroy classperm list when resetting map perms (#1983521)
- cil: cil_reset_classperms_set() should not reset classpermission (#1983525)
- cil: Set class field to NULL when resetting struct cil_classperms
- cil: More strict verification of constraint leaf expressions
- cil: Exit with an error if declaration name is a reserved word
- cil: Allow permission expressions when using map classes
- cil: Reorder checks for invalid rules when building AST
- cil: Cleanup build AST helper functions
- cil: Create new first child helper function for building AST
- cil: Remove unused field from struct cil_args_resolve
- cil: Destroy disabled optional blocks after pass is complete
- cil: Check if name is a macro parameter first
- cil: fix NULL pointer dereference in __cil_insert_name
- cil: Report disabling an optional block only at high verbose levels
- cil: Use AST to track blocks and optionals when resolving
- cil: Reorder checks for invalid rules when resolving AST
- cil: Sync checks for invalid rules in booleanifs
- cil: Check for statements not allowed in optional blocks (#1983530)

Package libcroco was updated:

- Fix CVE-2020-12825
  Resolves: #1866484

Package libatasmart was updated:

Package xfsprogs was updated:

Package libblockdev-utils was updated:

- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660

Package fuse-libs was updated:

- Add feature_notify_inode_expire_only
- Fixes rhbz#2171095

Package cracklib was updated:

Package pciutils-libs was updated:

Package sqlite-libs was updated:

Package gobject-introspection was updated:

Package libzypp was updated:

Package platform-python-pip was updated:

- Require Python with tarfile filters
  Resolves: RHEL-25449

Package sles_es-release was updated:

Package authselect was updated:

- Fix Japanese translations (RHBZ #2216755)
- Update translations (RHBZ #2189557)
- Do not prompt for password twice when changing password of local user (RHBZ #2179607)

Package libpath_utils was updated:

Package npth was updated:

Package dracut-config-generic was updated:

Package crypto-policies-scripts was updated:

- krb5: sort enctypes mac-first, cipher-second, prioritize SHA-2 ones
- krb5: fix policy generator to account for macs
- docs: replace `FIPS 140-2` with just `FIPS 140`

Package libffi was updated:

- Use /etc/sysconfig/libffi-force-shared-memory-check-first to override selinux permissions check for shared memory access (#2014228)

Package libdhash was updated:

Package grub2-tools-extra was updated:

Package libsss_nss_idmap was updated:

Package systemd-udev was updated:

Package libtdb was updated:

Package libselinux-utils was updated:

Package openssl-pkcs11 was updated:

- Fix memory leak in PKCS11_pkey_meths (#2097690)
- Fix memory leak in RSA method (#2097690)

Package glibc-all-langpacks was updated:

Package dracut-network was updated:

Package python3-iniparse was updated:

- Remove Python 2 subpackage
  https://bugzilla.redhat.com/show_bug.cgi?id=1567873

Package grub2-common was updated:

Package mozjs60 was updated:

- Update enddianness.patch with more s390x fixes
- Enable tests on s390x again
- Resolves: #1803824

Package libnghttp2 was updated:

Package mpfr was updated:

- Update to MPFR version 3.1.6
- Use autosetup specfile macro for applying patches (patches 1 and 2 applied)
- Removed iconv calls, as they were breaking .info files, which are now unicode
  resolves #1299649
- Other minor cleanups
- BuildRequire gcc per https://fedoraproject.org/wiki/Packaging:C_and_C%2B%2B#BuildRequires_and_Requires

Package virt-what was updated:

Package lmdb-libs was updated:

RHEL 8.8.0 ERRATUM
- Please put lmdb in RHEL 8 CRB
- Rebuild
- Resolves: rhbz#1972979

Package libxkbcommon was updated:

Package efi-filesystem was updated:

- Ignore the mode bits when doing RPM verification of files in /boot/efi
  Resolves: rhbz#1845052

Package p11-kit-trust was updated:

- Rebase to 0.23.22 to fix memory safety issues (CVE-2020-29361, CVE-2020-29362, and CVE-2020-29363)
- Preserve DT_NEEDED information from the previous version, flagged by rpmdiff
- Add xsltproc to BR

Package dracut-config-rescue was updated:

Package python3-libselinux was updated:

Package python3-setuptools-wheel was updated:

- Security fix for CVE-2022-40897
  Resolves: rhbz#2158559

Package libsolv was updated:

Package net-tools was updated:

- Resolves: #1711119 - netstat says &quot;packetes&quot; instead of &quot;packets&quot;
- Resolves: #1670355 - Exit code on wrong parameter is zero for many net-tools binaries
- Resolves: #1807989 - The output of `route -A inet6` does not display properly when the 'Use' column output is over 6 digits

Package grub2-tools was updated:

Package libpipeline was updated:

Package dbus-libs was updated:

Package libevent was updated:

- Install documentation files to an unversioned directory
- Resolves: rhbz#1638032

Package openssh-server was updated:

- Fix Terrapin attack
  Resolves: RHEL-19762

Package libyaml was updated:

Package shared-mime-info was updated:

Package grubby was updated:

Package libusbx was updated:

- Install README.md as README is only a symlink to .md
  Resolves: rhbz#1849682

Package NetworkManager was updated:

Package tzdata was updated:

- Rebase to tzdata-2024a
  - Kazakhstan will transition from UTC+6 to UTC+5 on 2024-03-01.
  - Palestine will spring forward a week later than previously
    predicted.

Package sudo was updated:

RHEL 8.9.0.Z ERRATUM
- Rebase to 1.9.5p2
- CVE-2023-28486 sudo: Sudo does not escape control characters in log messages
Resolves: RHEL-21825
- CVE-2023-28487 sudo: Sudo does not escape control characters in sudoreplay output
Resolves: RHEL-21831
- CVE-2023-42465 sudo: Targeted Corruption of Register and Stack Variables
Resolves: RHEL-21820

Package libldb was updated:

Package iprutils was updated:

Package ca-certificates was updated:

- Update to CKBI 2.60_v7.0.306 from NSS 3.91
-    Removing:
-     # Certificate &quot;Camerfirma Global Chambersign Root&quot;
-     # Certificate &quot;Staat der Nederlanden EV Root CA&quot;
-     # Certificate &quot;OpenTrust Root CA G1&quot;
-     # Certificate &quot;Swedish Government Root Authority v1&quot;
-     # Certificate &quot;DigiNotar Root CA G2&quot;
-     # Certificate &quot;Federal Common Policy CA&quot;
-     # Certificate &quot;TC TrustCenter Universal CA III&quot;
-     # Certificate &quot;CCA India 2007&quot;
-     # Certificate &quot;ipsCA Global CA Root&quot;
-     # Certificate &quot;ipsCA Main CA Root&quot;
-     # Certificate &quot;Macao Post eSignTrust Root Certification Authority&quot;
-     # Certificate &quot;InfoNotary CSP Root&quot;
-     # Certificate &quot;DigiNotar Root CA&quot;
-     # Certificate &quot;Root CA&quot;
-     # Certificate &quot;GPKIRootCA&quot;
-     # Certificate &quot;D-TRUST Qualified Root CA 1 2007:PN&quot;
-     # Certificate &quot;TC TrustCenter Universal CA I&quot;
-     # Certificate &quot;TC TrustCenter Universal CA II&quot;
-     # Certificate &quot;TC TrustCenter Class 2 CA II&quot;
-     # Certificate &quot;TC TrustCenter Class 4 CA II&quot;
-     # Certificate &quot;TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı&quot;
-     # Certificate &quot;CertRSA01&quot;
-     # Certificate &quot;KISA RootCA 3&quot;
-     # Certificate &quot;A-CERT ADVANCED&quot;
-     # Certificate &quot;A-Trust-Qual-01&quot;
-     # Certificate &quot;A-Trust-nQual-01&quot;
-     # Certificate &quot;Serasa Certificate Authority II&quot;
-     # Certificate &quot;TDC Internet&quot;
-     # Certificate &quot;America Online Root Certification Authority 2&quot;
-     # Certificate &quot;RSA Security Inc&quot;
-     # Certificate &quot;Public Notary Root&quot;
-     # Certificate &quot;Autoridade Certificadora Raiz Brasileira&quot;
-     # Certificate &quot;Post.Trust Root CA&quot;
-     # Certificate &quot;Entrust.net Secure Server Certification Authority&quot;
-     # Certificate &quot;ePKI EV SSL Certification Authority - G1&quot;
-    Adding:
-     # Certificate &quot;DigiCert TLS ECC P384 Root G5&quot;
-     # Certificate &quot;DigiCert TLS RSA4096 Root G5&quot;
-     # Certificate &quot;DigiCert SMIME ECC P384 Root G5&quot;
-     # Certificate &quot;DigiCert SMIME RSA4096 Root G5&quot;
-     # Certificate &quot;Certainly Root R1&quot;
-     # Certificate &quot;Certainly Root E1&quot;
-     # Certificate &quot;E-Tugra Global Root CA RSA v3&quot;
-     # Certificate &quot;E-Tugra Global Root CA ECC v3&quot;
-     # Certificate &quot;DIGITALSIGN GLOBAL ROOT RSA CA&quot;
-     # Certificate &quot;DIGITALSIGN GLOBAL ROOT ECDSA CA&quot;
-     # Certificate &quot;BJCA Global Root CA1&quot;
-     # Certificate &quot;BJCA Global Root CA2&quot;
-     # Certificate &quot;Symantec Enterprise Mobile Root for Microsoft&quot;
-     # Certificate &quot;A-Trust-Root-05&quot;
-     # Certificate &quot;ADOCA02&quot;
-     # Certificate &quot;StartCom Certification Authority G2&quot;
-     # Certificate &quot;ATHEX Root CA&quot;
-     # Certificate &quot;EBG Elektronik Sertifika Hizmet Sağlayıcısı&quot;
-     # Certificate &quot;GeoTrust Primary Certification Authority&quot;
-     # Certificate &quot;thawte Primary Root CA&quot;
-     # Certificate &quot;VeriSign Class 3 Public Primary Certification Authority - G5&quot;
-     # Certificate &quot;America Online Root Certification Authority 1&quot;
-     # Certificate &quot;Juur-SK&quot;
-     # Certificate &quot;ComSign CA&quot;
-     # Certificate &quot;ComSign Secured CA&quot;
-     # Certificate &quot;ComSign Advanced Security CA&quot;
-     # Certificate &quot;Global Chambersign Root&quot;
-     # Certificate &quot;Sonera Class2 CA&quot;
-     # Certificate &quot;VeriSign Class 3 Public Primary Certification Authority - G3&quot;
-     # Certificate &quot;VeriSign, Inc.&quot;
-     # Certificate &quot;GTE CyberTrust Global Root&quot;
-     # Certificate &quot;Equifax Secure Global eBusiness CA-1&quot;
-     # Certificate &quot;Equifax&quot;
-     # Certificate &quot;Class 1 Primary CA&quot;
-     # Certificate &quot;Swiss Government Root CA III&quot;
-     # Certificate &quot;Application CA G4 Root&quot;
-     # Certificate &quot;SSC GDL CA Root A&quot;
-     # Certificate &quot;GlobalSign Code Signing Root E45&quot;
-     # Certificate &quot;GlobalSign Code Signing Root R45&quot;
-     # Certificate &quot;Entrust Code Signing Root Certification Authority - CSBR1&quot;

Package SUSEConnect was updated:

Package mokutil was updated:

- Add ability to set fallback verbose mode
- Resolves: #2030704

Package kbd-misc was updated:

- Fix vlock when console or terminal is closed abruptly
  Resolves: #2178798

Package libsmbios was updated:

Package libfastjson was updated:

- Address CVE-2020-12762
Resolves: rhbz#2203171

Package libnftnl was updated:

Package libtalloc was updated:

Package polkit was updated:

- pkttyagent gets stopped if killed in the background
- Resolves: rhbz#2128989

Package cronie-anacron was updated:

Package libcollection was updated:

Package lzo was updated:

- Added build notes to AS generated objects
  Resolves: rhbz#1630594

Package crontabs was updated:

- update to the latest release
- add sed require
- remove %clean section
- remove obsolete Group tag
- fix upstream URL
- Resolves: rhbz#1696449, rhbz#1703982

Package libnfsidmap was updated:

- Covscan Scan: Wrong Check of Return Value (bz 2151966)
- Covscan Scan: Clang (experimental) (bz 2151971)

Package dbus was updated:

Package libtevent was updated:

Package initscripts was updated:

- ci: Update `.packit.yml` to run on `c8s`
- ci: Use Differential ShellCheck action

Package fwupd was updated:

Package ncurses-base was updated:

Package libdnf was updated:

Package zypper was updated:

Package libxml2 was updated:

Package lshw was updated:

Package ruby-irb was updated:

Package rubygem-openssl was updated:

Package libsigsegv was updated:

Package rubygem-rdoc was updated:

Package groff-base was updated:

- Fix also SHELLCHECK_WARNING
  related: #1602530

Package python36 was updated:

Package python3-six was updated:

- Disable the Python 2 subpackage
  https://bugzilla.redhat.com/show_bug.cgi?id=1594157

Package systemd-pam was updated:

Package libproxy was updated:

Package python3-hawkey was updated:

Package tuned was updated:

Package python3-libcomps was updated:

- Update to 0.1.18
- Fix issues detected by static analyzers
- Remove Python 2 support

Package curl was updated:

Package python3-systemd was updated:

Package authselect-libs was updated:

- Fix Japanese translations (RHBZ #2216755)
- Update translations (RHBZ #2189557)
- Do not prompt for password twice when changing password of local user (RHBZ #2179607)

Package dracut was updated:

Package mdadm was updated:

- Update to latest upstream and fix mdcheck service bug
- Resolves rhbz#2116418, rhbz#2150862, rhbz#2159584

Package pcre2 was updated:

Package cryptsetup-libs was updated:

- Rebuild due to missing CI environment
- Resolves: #2212772 #2193342

Package systemd-libs was updated:

Package python3-libs was updated:

- Security fix for CVE-2023-27043
Resolves: RHEL-5563

Package python3-slip-dbus was updated:

Package libdaemon was updated:

Package sssd-nfs-idmap was updated:

Package slang was updated:

Package libssh was updated:

- Fix CVE-2023-48795: Prefix truncation attack on Binary Packet Protocol (BPP)
- Resolves: RHEL-19311

Package rsyslog was updated:

Package memstrack was updated:

Package audit was updated:

- Introduce new fanotify record fields
Resolves: rhbz#2216668
- invalid use of flexible array member
Resolves: rhbz#2116867

Package libibverbs was updated:

- Add gating tests
- Resolves: rhbz#2170066

Package vim-common was updated:

Package python3-dbus was updated:

- Backport patch from Neal Gompa &amp;lt;ngompa13@gmail.com&amp;gt; to generate pythonXdist metadata

Package diffutils was updated:

Package nettle was updated:

Package openssl-libs was updated:

Package ncurses was updated:

Package rubygem-io-console was updated:

Package libgcab1 was updated:

- New upstream release
- Add git version in --version
- Fix list of new symbols in index page

Package plymouth-core-libs was updated:

Package libudisks2 was updated:

- iscsi: Fix login on firmware-discovered nodes (#2213193)
- tests: Extend iscsi method call timeouts (#2213715)

Package kernel-tools-libs was updated:

Package e2fsprogs-libs was updated:

- Update e2fsprogs with upstream fixes and improvements (#2083621)
- Fix out-of-bounds read/write via crafted filesystem (#2073548)

Package hostname was updated:

Package libbytesize was updated:

Package numactl-libs was updated:

Package zlib was updated:

- Fix the Crash in zlib deflateBound() function on s390x
- Resolves: BZ#2193045

Package dhcp-client was updated:

Package kernel was updated:

Package freetype was updated:

- Guard face-&amp;gt;size
- Resolves: #2079279

Package dracut-squash was updated:

Package libsss_certmap was updated:

Package ruby-libs was updated:

Package libbpf was updated:

- kernel update
- Related: rhbz#2097413

Package python3-gobject-base was updated:

- Add lock to avoid two type object wrappers getting generated at the same time in multi-threaded programs.
  Resolves: #1844578

Package findutils was updated:

Package cracklib-dicts was updated:

Package dnf-plugins-core was updated:

Package augeas-libs was updated:

- Fix parsing of semanage.conf ignoredirs
  resolves: rhbz#1931058

Package python3-rpm was updated:

- Backport file handling code from rpm-4.19 to fix CVE-2021-35937, CVE-2021-35938 and CVE-2021-35939

Package info was updated:

- Fix a loop in fix-info-dir when /dev/null doesn't exist
  Resolves: #2022201

Package selinux-policy was updated:

Package snappy was updated:

Package python3-nftables was updated:

Package libndp was updated:

Package libblkid was updated:

Package setup was updated:

Package boost-regex was updated:

- Remove unused libzstd-devel dependency (#2069831)
- Preserve hardening flags when building bjam

Package kbd-legacy was updated:

- Fix vlock when console or terminal is closed abruptly
  Resolves: #2178798

Package pinentry was updated:

Package gpm-libs was updated:

- Put autogen.sh to proper place
  Related: #1854555

Package nss-sysinit was updated:

Package vim-enhanced was updated:

Package json-c was updated:

- Start versioning symbols when building library
- Resolves: rhbz#2001063

Package ipcalc was updated:

Package parted was updated:

- tests: Add a test for resizepart on a busy partition (bcl)
  Related: rhbz#1861804
- parted: Preserve resizepart End when prompted for busy partition (bcl)
  Resolves: rhbz#1861804
- Fix end_input usage in do_resizepart (bcl)
  Related: rhbz#1861804
- tests: Test incomplete resizepart command (bcl)
  Related: rhbz#1861804
- Fix resizepart iec unit end sector (psusi)
  Related: rhbz#1861804
- libparted: Fix endian bug in bsd.c (AWilcox)
  Resolves: rhbz#1980105

Package linux-firmware was updated:

- Move amd-ucode README to docs directory due to dracut issue (RHEL-16800)
- Update AMD cpu microcode from upstream 06afd7f939c5 (RHEL-16783)
- Update amd-ucode/README from upstream d252e92d50c0 (RHEL-16783)
- Revert 'Exclude AMD cpu ucode for fam19/*cpuid_0x00aa0f0*'
Resolves: RHEL-16783, RHEL-16800

Package iptables was updated:

- iptables-restore: Drop dead code
- iptables-apply: Eliminate shellcheck warnings
- ebtables: Exit gracefully on invalid table names

Package dnf-data was updated:

Package bind-export-libs was updated:

Package elfutils-default-yama-scope was updated:

- Add elfutils-0.189-elf_getdata_rawchunk.patch
- Add elfutils-0.189-debuginfod_config_cache-double-close.patch

Package openssh-clients was updated:

- Fix Terrapin attack
  Resolves: RHEL-19762

Package grub2-efi-x64 was updated:

Package libbasicobjects was updated:

Package platform-python-setuptools was updated:

- Security fix for CVE-2022-40897
Resolves: rhbz#2158559

Package hdparm was updated:

Package ncurses-libs was updated:

Package ethtool was updated:

Package firewalld-filesystem was updated:

Package libtasn1 was updated:

Package passwd was updated:

- Rebuild due to migrated tests
  Related: #1841499

Package libpwquality was updated:

Package selinux-policy-targeted was updated:

Package google-osconfig-agent was updated:

Package libseccomp was updated:

- rebase to 2.5.2
  resolves: rhbz#2019893

Package geolite2-country was updated:

Package efivar-libs was updated:

- Fix efivar &amp;quot;-w&amp;quot; and &amp;quot;-a&amp;quot; options that broke due to the rebase
  Related: rhbz#1755645

Package sg3_utils-libs was updated:

Package libini_config was updated:

Package libicu was updated:

- Apply ICU-13634-Adding-integer-overflow-logic-to-ICU4C-num.patch
- Apply ICU-20958-Prevent-SEGV_MAPERR-in-append.patch
- Resolves: rhbz#1808238

Package brotli was updated:

Package glib2 was updated:

- Backport grefcount API
- Resolves: #2153205

Package iwl3160-firmware was updated:

- Move amd-ucode README to docs directory due to dracut issue (RHEL-16800)
- Update AMD cpu microcode from upstream 06afd7f939c5 (RHEL-16783)
- Update amd-ucode/README from upstream d252e92d50c0 (RHEL-16783)
- Revert 'Exclude AMD cpu ucode for fam19/*cpuid_0x00aa0f0*'
Resolves: RHEL-16783, RHEL-16800

Package less was updated:

- Fix: CVE-2022-48624
- Resolves: RHEL-26123

Package libverto was updated:

- New upstream release (0.3.2)
- Resolves: rhbz#2100916

Package openldap was updated:

Package iwl2000-firmware was updated:

- Move amd-ucode README to docs directory due to dracut issue (RHEL-16800)
- Update AMD cpu microcode from upstream 06afd7f939c5 (RHEL-16783)
- Update amd-ucode/README from upstream d252e92d50c0 (RHEL-16783)
- Revert 'Exclude AMD cpu ucode for fam19/*cpuid_0x00aa0f0*'
Resolves: RHEL-16783, RHEL-16800

Package rpm-plugin-systemd-inhibit was updated:

- Backport file handling code from rpm-4.19 to fix CVE-2021-35937, CVE-2021-35938 and CVE-2021-35939

Package kernel-tools was updated:

Package google-compute-engine was updated:

Package libmount was updated:

Package acpid was updated:

- Dropped sysvinit support
  Resolves: rhbz#1610275

Package libcap was updated:

- Fix integer overflow in _libcap_strdup() (CVE-2023-2603)
  Resolves: rhbz#2210636
- Correctly check pthread_create() return value to avoid memory leak (CVE-2023-2602)
  Resolves: rhbz#2222197

Package python3-pip-wheel was updated:

- Require Python with tarfile filters
Resolves: RHEL-25449

Package libblockdev was updated:

- Fix double free in write_escrow_data_file
  Resolves: rhbz#2142660

Package python3-pyudev was updated:

Package dosfstools was updated:

- Fixed mkfs.fat cluster size calculation for disks with 4k sectors
  Resolves: rhbz#1651496

Package sssd-client was updated:

Package pam was updated:

Package biosdevname was updated:

- make biosdevname optional even on Dell servers (#1623621)
- prevent infinite recursion in smbios_setslot() (#1499458)
- Netronome biosdevname support (#1649036)

Package systemd was updated:

Package kmod was updated:

- depmod: fix parallel execution issues
  Resolves: rhbz#2026938

Package kexec-tools was updated:

- mkdumprd: Use the correct syntax to redirect the stderr to null
- mkdumprd: call dracut with --add-device to install the drivers needed by /boot partition automatically for FIPS
- Add NICs that handle DNS queries to the allowlist

Package sed was updated:

- Minor cleanup - remove unused patch from the spec file too (related to 4.5-3)
- Resolves: rhbz#1869253

Package ima-evm-utils was updated:

Package grub2-tools-efi was updated:

Package iputils was updated:

</Note>
    <Note Title="Terms of Use" Type="Legal Disclaimer" Ordinal="3" xml:lang="en">The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).</Note>
  </DocumentNotes>
  <DocumentReferences>
    <Reference Type="Self">
      <URL>https://publiccloudimagechangeinfo.suse.com/google/suse-liberty-linux-8-9-byos-v20240411-x86-64/</URL>
      <Description>Public Cloud Image Info</Description>
    </Reference>
    <Reference Type="Self">
      <URL>https://www.suse.com/support/security/rating/</URL>
      <Description>SUSE Security Ratings</Description>
    </Reference>
  </DocumentReferences>
  <ProductTree xmlns="http://www.icasi.org/CVRF/schema/prod/1.1">
    <Branch Type="Product Family" Name="Public Cloud Image google/suse-liberty-linux-8-9-byos-v20240411-x86-64">
      <Branch Type="Product Name" Name="Public Cloud Image google/suse-liberty-linux-8-9-byos-v20240411-x86-64">
        <FullProductName ProductID="Public Cloud Image google/suse-liberty-linux-8-9-byos-v20240411-x86-64">Public Cloud Image google/suse-liberty-linux-8-9-byos-v20240411-x86-64</FullProductName>
      </Branch>
    </Branch>
  </ProductTree>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.</Note>
    </Notes>
    <CVE>CVE-2020-12762</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>important</Description>
      </Threat>
    </Threats>
    <CVSSScoreSets>
      <ScoreSet>
        <BaseScore>6.8</BaseScore>
        <Vector>AV:N/AC:M/Au:N/C:P/I:P/A:P</Vector>
      </ScoreSet>
    </CVSSScoreSets>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption.</Note>
    </Notes>
    <CVE>CVE-2020-12825</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>important</Description>
      </Threat>
    </Threats>
    <CVSSScoreSets>
      <ScoreSet>
        <BaseScore>5.8</BaseScore>
        <Vector>AV:N/AC:M/Au:N/C:N/I:P/A:P</Vector>
      </ScoreSet>
    </CVSSScoreSets>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed.</Note>
    </Notes>
    <CVE>CVE-2020-24330</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>moderate</Description>
      </Threat>
    </Threats>
    <CVSSScoreSets>
      <ScoreSet>
        <BaseScore>7.2</BaseScore>
        <Vector>AV:L/AC:L/Au:N/C:C/I:C/A:C</Vector>
      </ScoreSet>
    </CVSSScoreSets>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow checks are missing before calling realloc or calloc.</Note>
    </Notes>
    <CVE>CVE-2020-29361</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>important</Description>
      </Threat>
    </Threats>
    <CVSSScoreSets>
      <ScoreSet>
        <BaseScore>5</BaseScore>
        <Vector>AV:N/AC:L/Au:N/C:N/I:N/A:P</Vector>
      </ScoreSet>
    </CVSSScoreSets>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.</Note>
    </Notes>
    <CVE>CVE-2020-8927</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>moderate</Description>
      </Threat>
    </Threats>
    <CVSSScoreSets>
      <ScoreSet>
        <BaseScore>6.4</BaseScore>
        <Vector>AV:N/AC:L/Au:N/C:N/I:P/A:P</Vector>
      </ScoreSet>
    </CVSSScoreSets>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.</Note>
    </Notes>
    <CVE>CVE-2021-33560</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>important</Description>
      </Threat>
    </Threats>
    <CVSSScoreSets>
      <ScoreSet>
        <BaseScore>5</BaseScore>
        <Vector>AV:N/AC:L/Au:N/C:P/I:N/A:N</Vector>
      </ScoreSet>
    </CVSSScoreSets>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well.</Note>
    </Notes>
    <CVE>CVE-2021-3520</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>important</Description>
      </Threat>
    </Threats>
    <CVSSScoreSets>
      <ScoreSet>
        <BaseScore>7.5</BaseScore>
        <Vector>AV:N/AC:L/Au:N/C:P/I:P/A:P</Vector>
      </ScoreSet>
    </CVSSScoreSets>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.</Note>
    </Notes>
    <CVE>CVE-2021-3580</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>important</Description>
      </Threat>
    </Threats>
    <CVSSScoreSets>
      <ScoreSet>
        <BaseScore>5</BaseScore>
        <Vector>AV:N/AC:L/Au:N/C:N/I:N/A:P</Vector>
      </ScoreSet>
    </CVSSScoreSets>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were introduced in response to CVE-2017-7500 and CVE-2017-7501, potentially gaining root privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.</Note>
    </Notes>
    <CVE>CVE-2021-35937</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>moderate</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.</Note>
    </Notes>
    <CVE>CVE-2021-35938</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>moderate</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data.</Note>
    </Notes>
    <CVE>CVE-2021-38185</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>important</Description>
      </Threat>
    </Threats>
    <CVSSScoreSets>
      <ScoreSet>
        <BaseScore>6.8</BaseScore>
        <Vector>AV:N/AC:M/Au:N/C:P/I:P/A:P</Vector>
      </ScoreSet>
    </CVSSScoreSets>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">An arbitrary file write vulnerability was found in GNU gzip's zgrep utility. When zgrep is applied on the attacker's chosen file name (for example, a crafted file name), this can overwrite an attacker's content to an arbitrary attacker-selected file. This flaw occurs due to insufficient validation when processing filenames with two or more newlines where selected content and the target file names are embedded in crafted multi-line file names. This flaw allows a remote, low privileged attacker to force zgrep to write arbitrary files on the system.</Note>
    </Notes>
    <CVE>CVE-2022-1271</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>important</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">An out-of-bounds read vulnerability was discovered in the PCRE2 library in the compile_xclass_matchingpath() function of the pcre2_jit_compile.c file. This involves a unicode property matching issue in JIT-compiled regular expressions. The issue occurs because the character was not fully read in case-less matching within JIT.</Note>
    </Notes>
    <CVE>CVE-2022-1586</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>important</Description>
      </Threat>
    </Threats>
    <CVSSScoreSets>
      <ScoreSet>
        <BaseScore>6.4</BaseScore>
        <Vector>AV:N/AC:L/Au:N/C:P/I:N/A:P</Vector>
      </ScoreSet>
    </CVSSScoreSets>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">In Cyrus SASL 2.1.17 through 2.1.27 before 2.1.28, plugins/sql.c does not escape the password for a SQL INSERT or UPDATE statement.</Note>
    </Notes>
    <CVE>CVE-2022-24407</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>important</Description>
      </Threat>
    </Threats>
    <CVSSScoreSets>
      <ScoreSet>
        <BaseScore>6.5</BaseScore>
        <Vector>AV:N/AC:L/Au:S/C:P/I:P/A:P</Vector>
      </ScoreSet>
    </CVSSScoreSets>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">GnuPG through 2.3.6, in unusual situations where an attacker possesses any secret-key information from a victim's keyring and other constraints (e.g., use of GPGME) are met, allows signature forgery via injection into the status line.</Note>
    </Notes>
    <CVE>CVE-2022-34903</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>moderate</Description>
      </Threat>
    </Threats>
    <CVSSScoreSets>
      <ScoreSet>
        <BaseScore>5.8</BaseScore>
        <Vector>AV:N/AC:M/Au:N/C:P/I:P/A:N</Vector>
      </ScoreSet>
    </CVSSScoreSets>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the function fails, which leads to a resultant NULL pointer dereference. NOTE: the discoverer cites this CWE-476 remark but third parties dispute the code-execution impact: "In rare circumstances, when NULL is equivalent to the 0x0 memory address and privileged code can access it, then writing or reading memory is possible, which may lead to code execution."</Note>
    </Notes>
    <CVE>CVE-2022-36227</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>low</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py.</Note>
    </Notes>
    <CVE>CVE-2022-40897</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>moderate</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.</Note>
    </Notes>
    <CVE>CVE-2022-47629</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>important</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.</Note>
    </Notes>
    <CVE>CVE-2022-48303</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>moderate</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE.</Note>
    </Notes>
    <CVE>CVE-2022-48624</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>important</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to cause __real_pthread_create() to return an error, which can exhaust the process memory.</Note>
    </Notes>
    <CVE>CVE-2023-2602</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>low</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.</Note>
    </Notes>
    <CVE>CVE-2023-2603</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>moderate</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">The email module of Python through 3.11.3 incorrectly parses e-mail addresses that contain a special character. The wrong portion of an RFC2822 header is identified as the value of the addr-spec. In some applications, an attacker can bypass a protection mechanism in which application access is granted only after verifying receipt of e-mail to a specific domain (e.g., only @company.example.com addresses may be used for signup). This occurs in email/_parseaddr.py in recent versions of Python.</Note>
    </Notes>
    <CVE>CVE-2023-27043</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>moderate</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">Sudo before 1.9.13 does not escape control characters in log messages.</Note>
    </Notes>
    <CVE>CVE-2023-28486</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>moderate</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">Sudo before 1.9.13 does not escape control characters in sudoreplay output.</Note>
    </Notes>
    <CVE>CVE-2023-28487</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>moderate</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">ncurses before 6.4 20230408, when used by a setuid application, allows local users to trigger security-relevant memory corruption via malformed data in a terminfo database file that is found in $HOME/.terminfo or reached via the TERMINFO or TERM environment variable.</Note>
    </Notes>
    <CVE>CVE-2023-29491</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>moderate</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.</Note>
    </Notes>
    <CVE>CVE-2023-34969</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>moderate</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">Under some circumstances, this weakness allows a user who has access to run the "ps" utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap.</Note>
    </Notes>
    <CVE>CVE-2023-4016</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>low</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling a success value), and because the values do not resist flips of a single bit.</Note>
    </Notes>
    <CVE>CVE-2023-42465</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>moderate</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.</Note>
    </Notes>
    <CVE>CVE-2023-44487</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>important</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted (from the extension negotiation message), and a client and server may consequently end up with a connection for which some security features have been downgraded or disabled, aka a Terrapin attack. This occurs because the SSH Binary Packet Protocol (BPP), implemented by these extensions, mishandles the handshake phase and mishandles use of sequence numbers. For example, there is an effective attack against SSH's use of ChaCha20-Poly1305 (and CBC with Encrypt-then-MAC). The bypass occurs in chacha20-poly1305@openssh.com and (if CBC is used) the -etm@openssh.com MAC algorithms. This also affects Maverick Synergy Java SSH API before 3.1.0-SNAPSHOT, Dropbear through 2022.83, Ssh before 5.1.1 in Erlang/OTP, PuTTY before 0.80, AsyncSSH before 2.14.2, golang.org/x/crypto before 0.17.0, libssh before 0.10.6, libssh2 through 1.11.0, Thorn Tech SFTP Gateway before 3.4.6, Tera Term before 5.1, Paramiko before 3.4.0, jsch before 0.2.15, SFTPGo before 2.5.6, Netgate pfSense Plus through 23.09.1, Netgate pfSense CE through 2.7.2, HPN-SSH through 18.2.0, ProFTPD before 1.3.8b (and before 1.3.9rc2), ORYX CycloneSSH before 2.3.4, NetSarang XShell 7 before Build 0144, CrushFTP before 10.6.0, ConnectBot SSH library before 2.2.22, Apache MINA sshd through 2.11.0, sshj through 0.37.0, TinySSH through 20230101, trilead-ssh2 6401, LANCOM LCOS and LANconfig, FileZilla before 3.66.4, Nova before 11.8, PKIX-SSH before 14.4, SecureCRT before 9.4.3, Transmit5 before 5.10.4, Win32-OpenSSH before 9.5.0.0p1-Beta, WinSCP before 6.2.2, Bitvise SSH Server before 9.32, Bitvise SSH Client before 9.33, KiTTY through 0.76.1.13, the net-ssh gem 7.2.0 for Ruby, the mscdex ssh2 module before 1.15.0 for Node.js, the thrussh library before 0.35.1 for Rust, and the Russh crate before 0.40.2 for Rust.</Note>
    </Notes>
    <CVE>CVE-2023-48795</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>important</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed.</Note>
    </Notes>
    <CVE>CVE-2023-52425</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>moderate</Description>
      </Threat>
    </Threats>
  </Vulnerability>
  <Vulnerability xmlns="http://www.icasi.org/CVRF/schema/vuln/1.1" Ordinal="1">
    <Notes>
      <Note Title="Vulnerability Description" Type="General" Ordinal="1" xml:lang="en">A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999.</Note>
    </Notes>
    <CVE>CVE-2023-7104</CVE>
    <ProductStatuses>
      <Status Type="Fixed"/>
    </ProductStatuses>
    <Threats>
      <Threat Type="Impact">
        <Description>moderate</Description>
      </Threat>
    </Threats>
  </Vulnerability>
</cvrfdoc>
