Security update for vte SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2024:2152-1 Final 1 1 2024-06-21T14:14:39Z current 2024-06-21T14:14:39Z 2024-06-21T14:14:39Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for vte This update for vte fixes the following issues: - CVE-2024-37535: Fixed a bug that allowed an attacker to cause a denial of service (memory consumption) via a window resize escape. (bsc#1226134) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2024-2152,SUSE-SLE-Product-HPC-15-SP2-LTSS-2024-2152,SUSE-SLE-Product-HPC-15-SP3-LTSS-2024-2152,SUSE-SLE-Product-SLES-15-SP2-LTSS-2024-2152,SUSE-SLE-Product-SLES-15-SP3-LTSS-2024-2152,SUSE-SLE-Product-SLES_SAP-15-SP2-2024-2152,SUSE-SLE-Product-SLES_SAP-15-SP3-2024-2152,SUSE-Storage-7.1-2024-2152 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2024/suse-su-20242152-1/ Link for SUSE-SU-2024:2152-1 https://lists.suse.com/pipermail/sle-updates/2024-June/035693.html E-Mail link for SUSE-SU-2024:2152-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1226134 SUSE Bug 1226134 https://www.suse.com/security/cve/CVE-2024-37535/ SUSE CVE CVE-2024-37535 page SUSE Enterprise Storage 7.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS SUSE Linux Enterprise Server 15 SP2-LTSS SUSE Linux Enterprise Server 15 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Linux Enterprise Server for SAP Applications 15 SP3 libvte-2_91-0-0.58.3-150200.3.3.1 typelib-1_0-Vte-2.91-0.58.3-150200.3.3.1 vte-devel-0.58.3-150200.3.3.1 vte-lang-0.58.3-150200.3.3.1 vte-tools-0.58.3-150200.3.3.1 libvte-2_91-0-0.58.3-150200.3.3.1 as a component of SUSE Enterprise Storage 7.1 typelib-1_0-Vte-2.91-0.58.3-150200.3.3.1 as a component of SUSE Enterprise Storage 7.1 vte-devel-0.58.3-150200.3.3.1 as a component of SUSE Enterprise Storage 7.1 vte-lang-0.58.3-150200.3.3.1 as a component of SUSE Enterprise Storage 7.1 libvte-2_91-0-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS typelib-1_0-Vte-2.91-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS vte-devel-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS vte-lang-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS libvte-2_91-0-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS typelib-1_0-Vte-2.91-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS vte-devel-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS vte-lang-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS libvte-2_91-0-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS typelib-1_0-Vte-2.91-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS vte-devel-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS vte-lang-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS libvte-2_91-0-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS typelib-1_0-Vte-2.91-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS vte-devel-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS vte-lang-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise Server 15 SP3-LTSS libvte-2_91-0-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 typelib-1_0-Vte-2.91-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 vte-devel-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 vte-lang-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 libvte-2_91-0-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 typelib-1_0-Vte-2.91-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 vte-devel-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 vte-lang-0.58.3-150200.3.3.1 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP3 GNOME VTE before 0.76.3 allows an attacker to cause a denial of service (memory consumption) via a window resize escape sequence, a related issue to CVE-2000-0476. CVE-2024-37535 SUSE Enterprise Storage 7.1:libvte-2_91-0-0.58.3-150200.3.3.1 SUSE Enterprise Storage 7.1:typelib-1_0-Vte-2.91-0.58.3-150200.3.3.1 SUSE Enterprise Storage 7.1:vte-devel-0.58.3-150200.3.3.1 SUSE Enterprise Storage 7.1:vte-lang-0.58.3-150200.3.3.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libvte-2_91-0-0.58.3-150200.3.3.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:typelib-1_0-Vte-2.91-0.58.3-150200.3.3.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:vte-devel-0.58.3-150200.3.3.1 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:vte-lang-0.58.3-150200.3.3.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:libvte-2_91-0-0.58.3-150200.3.3.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:typelib-1_0-Vte-2.91-0.58.3-150200.3.3.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:vte-devel-0.58.3-150200.3.3.1 SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:vte-lang-0.58.3-150200.3.3.1 SUSE Linux Enterprise Server 15 SP2-LTSS:libvte-2_91-0-0.58.3-150200.3.3.1 SUSE Linux Enterprise Server 15 SP2-LTSS:typelib-1_0-Vte-2.91-0.58.3-150200.3.3.1 SUSE Linux Enterprise Server 15 SP2-LTSS:vte-devel-0.58.3-150200.3.3.1 SUSE Linux Enterprise Server 15 SP2-LTSS:vte-lang-0.58.3-150200.3.3.1 SUSE Linux Enterprise Server 15 SP3-LTSS:libvte-2_91-0-0.58.3-150200.3.3.1 SUSE Linux Enterprise Server 15 SP3-LTSS:typelib-1_0-Vte-2.91-0.58.3-150200.3.3.1 SUSE Linux Enterprise Server 15 SP3-LTSS:vte-devel-0.58.3-150200.3.3.1 SUSE Linux Enterprise Server 15 SP3-LTSS:vte-lang-0.58.3-150200.3.3.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:libvte-2_91-0-0.58.3-150200.3.3.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:typelib-1_0-Vte-2.91-0.58.3-150200.3.3.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:vte-devel-0.58.3-150200.3.3.1 SUSE Linux Enterprise Server for SAP Applications 15 SP2:vte-lang-0.58.3-150200.3.3.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:libvte-2_91-0-0.58.3-150200.3.3.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:typelib-1_0-Vte-2.91-0.58.3-150200.3.3.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:vte-devel-0.58.3-150200.3.3.1 SUSE Linux Enterprise Server for SAP Applications 15 SP3:vte-lang-0.58.3-150200.3.3.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2024/suse-su-20242152-1/ https://www.suse.com/security/cve/CVE-2024-37535.html CVE-2024-37535 https://bugzilla.suse.com/1226134 SUSE Bug 1226134