تحديثات SUSE
1747تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
17 يناير, 2021
● عالي
2021-2334
الكل
الوصف:
أصدرت SUSE عدّة تحديثات لمعالجة عددٍ من الثغرات في المنتجات التالية:
- nodejs14
- SUSE Linux Enterprise Module for Web Scripting 12
- Linux Kernel
- SUSE Linux Enterprise Module for Realtime 15-SP2
- SUSE Linux Enterprise Workstation Extension 15-SP2
- SUSE Linux Enterprise Module for Live Patching 15-SP2
- SUSE Linux Enterprise Module for Legacy Software 15-SP2
- SUSE Linux Enterprise Module for Development Tools 15-SP2
- SUSE Linux Enterprise Module for Basesystem 15-SP2
- SUSE Linux Enterprise High Availability 15-SP2
- SUSE Linux Enterprise Workstation Extension 15-SP1
- SUSE Linux Enterprise Module for Live Patching 15-SP1
- SUSE Linux Enterprise Module for Legacy Software 15-SP1
- SUSE Linux Enterprise Module for Development Tools 15-SP1
- SUSE Linux Enterprise Module for Basesystem 15-SP1
- SUSE Linux Enterprise High Availability 15-SP1
- SUSE Linux Enterprise Workstation Extension 12-SP5
- SUSE Linux Enterprise Software Development Kit 12-SP5
- SUSE Linux Enterprise Server 12-SP5
- SUSE Linux Enterprise Live Patching 12-SP5
- SUSE Linux Enterprise High Availability 12-SP5
- libzypp, zypper
- SUSE Linux Enterprise Module for Basesystem 15-SP2
- SUSE Linux Enterprise Installer 15-SP2
- rubygem-archive-tar-minitar
- SUSE Linux Enterprise Module for Containers 12
- nodejs8
- SUSE Linux Enterprise Module for Web Scripting 15-SP2
- MozillaThunderbird
- SUSE Linux Enterprise Workstation Extension 15-SP1
- SUSE Linux Enterprise Workstation Extension 15-SP2
- php7
- SUSE Linux Enterprise Module for Web Scripting 15-SP2
- SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP2
- php72
- SUSE Linux Enterprise Software Development Kit 12-SP5
- SUSE Linux Enterprise Module for Web Scripting 12
- php74
- SUSE Linux Enterprise Software Development Kit 12-SP5
- SUSE Linux Enterprise Module for Web Scripting 12
- open-iscsi
- SUSE Linux Enterprise Module for Basesystem 15-SP2
- openldap2
- SUSE Linux Enterprise Software Development Kit 12-SP5
- SUSE Linux Enterprise Server 12-SP5
- SUSE Linux Enterprise Module for Legacy Software 15-SP2
- SUSE Linux Enterprise Module for Development Tools 15-SP2
- SUSE Linux Enterprise Module for Basesystem 15-SP2
- SUSE Linux Enterprise Server 11-SECURITY
- SUSE Linux Enterprise Server for SAP 12-SP5
- SUSE Linux Enterprise Server for SAP 12-SP4
- SUSE Linux Enterprise Server for SAP 12-SP3
- SUSE Linux Enterprise Server for SAP 12-SP2
- SUSE Linux Enterprise Module for Legacy Software 12
- slurm_20_02
- SUSE Linux Enterprise Module for HPC 15-SP1
- tcmu-runner
- SUSE Enterprise Storage 6
- ImageMagick
- SUSE Linux Enterprise Server 11-SP4-LTSS
- SUSE Linux Enterprise Point of Sale 11-SP3
- SUSE Linux Enterprise Debuginfo 11-SP4
- SUSE Linux Enterprise Debuginfo 11-SP3
- SUSE Linux Enterprise Module for Development Tools 15-SP2
- SUSE Linux Enterprise Module for Desktop Applications 15-SP2
التهديدات:
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- الكشف والإفصاح عن المعلومات
- حجب الخدمة (DoS)
- تجاوز سعة مخزن الذاكرة (Buffer overflow)
- ترقية ورفع الصلاحيات
- تنفيذ برمجيات خبيثة عن بعد
الإجراءات الوقائية:
يوصي المركز بتحديث المنتجات المتأثرة، حيث أصدرت SUSE توضيحًا لهذه التحديثات:
- https://www.suse.com/support/update/announcement/2021/suse-su-20210107-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210108-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210109-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210115-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210117-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210118-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210121-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210122-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210123-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210124-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210125-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210126-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210127-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210128-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210129-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-202114597-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210133-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210139-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210142-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210143-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-202114598-1/
- https://www.suse.com/support/update/announcement/2021/suse-su-20210153-1/