تحديثات SUSE
3386تاريخ التحذير
مستوى الخطورة
رقم التحذير
القطاع المستهدف
16 يناير, 2020
● عالي
2020-809
الكل
الوصف:
أصدرت SUSE عدة تحديثات لمعالجة عدد من الثغرات في المنتجات التالية:
- SUSE OpenStack Cloud Crowbar 8
- Virglrenderer
- java-1_8_0-ibm
- mariadb
- java-1_7_1-ibm
- log4j
- MozillaFirefox
- mozilla-nspr, mozilla-nss
- SUSE OpenStack Cloud 8
- Virglrenderer
- java-1_8_0-ibm
- mariadb
- java-1_7_1-ibm
- log4j
- MozillaFirefox
- mozilla-nspr, mozilla-nss
- SUSE OpenStack Cloud 7
- Virglrenderer
- java-1_8_0-ibm
- mariadb
- java-1_7_1-ibm
- log4j
- MozillaFirefox
- crowbar-core, crowbar-openstack, openstack-horizon-plugin-monasca-ui, openstack-monasca-api, openstack-monasca-log-api, openstack-neutron, rubygem-puma, rubygem-rest-client
- mozilla-nspr, mozilla-nss
- SUSE Linux Enterprise Software Development Kit 12-SP5
- Virglrenderer
- java-1_8_0-ibm
- openssl-1_0_0
- java-1_7_1-ibm
- log4j
- MozillaFirefox
- Libzypp
- mozilla-nspr, mozilla-nss
- openssl-1_1
- SUSE Linux Enterprise Software Development Kit 12-SP4
- Virglrenderer
- java-1_8_0-ibm
- openssl-1_0_0
- java-1_7_1-ibm
- log4j
- MozillaFirefox
- Libzypp
- mozilla-nspr, mozilla-nss
- openssl-1_1
- SUSE Linux Enterprise Server for SAP 12-SP3
- Virglrenderer
- java-1_8_0-ibm
- mariadb
- java-1_7_1-ibm
- log4j
- MozillaFirefox
- mozilla-nspr, mozilla-nss
- SUSE Linux Enterprise Server for SAP 12-SP2
- Virglrenderer
- java-1_8_0-ibm
- mariadb
- java-1_7_1-ibm
- log4j
- MozillaFirefox
- mozilla-nspr, mozilla-nss
- SUSE Linux Enterprise Server for SAP 12-SP1
- java-1_8_0-ibm
- mariadb
- java-1_7_1-ibm
- log4j
- MozillaFirefox
- mozilla-nspr, mozilla-nss
- SUSE Linux Enterprise Server 12-SP5
- Virglrenderer
- java-1_8_0-ibm
- java-1_8_0-openjdk
- sysstat
- openssl-1_0_0
- java-1_7_1-ibm
- log4j
- MozillaFirefox
- Libzypp
- mozilla-nspr, mozilla-nss
- Linux Kernel
- openssl-1_1
- SUSE Linux Enterprise Server 12-SP4
- Virglrenderer
- java-1_8_0-ibm
- java-1_8_0-openjdk
- sysstat
- openssl-1_0_0
- java-1_7_1-ibm
- log4j
- MozillaFirefox
- Libzypp
- mozilla-nspr, mozilla-nss
- openssl-1_1
- SUSE Linux Enterprise Server 12-SP3-LTSS
- Virglrenderer
- java-1_8_0-ibm
- mariadb
- java-1_7_1-ibm
- log4j
- MozillaFirefox
- mozilla-nspr, mozilla-nss
- SUSE Linux Enterprise Server 12-SP3-BCL
- Virglrenderer
- java-1_8_0-ibm
- mariadb
- java-1_7_1-ibm
- log4j
- MozillaFirefox
- mozilla-nspr, mozilla-nss
- SUSE Linux Enterprise Server 12-SP2-LTSS
- Virglrenderer
- java-1_8_0-ibm
- mariadb
- java-1_7_1-ibm
- log4j
- MozillaFirefox
- mozilla-nspr, mozilla-nss
- SUSE Linux Enterprise Server 12-SP2-BCL
- Virglrenderer
- java-1_8_0-ibm
- mariadb
- java-1_7_1-ibm
- log4j
- MozillaFirefox
- mozilla-nspr, mozilla-nss
- SUSE Linux Enterprise Server 12-SP1-LTSS
- java-1_8_0-ibm
- mariadb
- java-1_7_1-ibm
- log4j
- MozillaFirefox
- mozilla-nspr, mozilla-nss
- SUSE Linux Enterprise Server 11-SP4-LTSS
- java-1_7_1-ibm
- apache2-mod_perl
- log4j
- MozillaFirefox
- SUSE Linux Enterprise Desktop 12-SP4
- Virglrenderer
- java-1_8_0-openjdk
- sysstat
- openssl-1_0_0
- MozillaFirefox
- Libzypp
- mozilla-nspr, mozilla-nss
- openssl-1_1
- SUSE Enterprise Storage 6
- openssl-1_0_0
- SUSE Enterprise Storage 5
- Virglrenderer
- java-1_8_0-ibm
- mariadb
- java-1_7_1-ibm
- log4j
- MozillaFirefox
- mozilla-nspr, mozilla-nss
- HPE Helion Openstack 8
- virglrenderer
- java-1_8_0-ibm
- mariadb
- java-1_7_1-ibm
- log4j
- MozillaFirefox
- mozilla-nspr, mozilla-nss
- SUSE Linux Enterprise Module for Server Applications 15-SP1
- virglrenderer
- SUSE Linux Enterprise Module for Server Applications 15
- virglrenderer
- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1
- Virglrenderer
- Tomcat
- containerd, docker, docker-runc, golang-github-docker-libnetwork
- git
- log4j
- openssl-1_0_0
- openssl-1_1
- MozillaFirefox
- libsolv, libzypp, zypper
- php7
- SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
- Virglrenderer
- containerd, docker, docker-runc, golang-github-docker-libnetwork
- git
- log4j
- openssl-1_0_0
- MozillaFirefox
- libsolv, libzypp, zipper
- php7
- SUSE CaaS Platform 3.0
- Libzypp
- containerd, docker, docker-runc, golang-github-docker-libnetwork
- e2fsprogs
- mozilla-nspr, mozilla-nss
- SUSE Linux Enterprise Module for Web Scripting 15-SP1
- Tomcat
- nodejs8
- php7
- nodejs10
- SUSE Linux Enterprise Module for Web Scripting 15
- nodejs8
- php7
- nodejs10
- SUSE Linux Enterprise Module for Web Scripting 12
- nodejs12
- nodejs10
- SUSE Linux Enterprise Module for Containers 15-SP1
- containerd, docker, docker-runc, golang-github-docker-libnetwork
- SUSE Linux Enterprise Module for Containers 15
- containerd, docker, docker-runc, golang-github-docker-libnetwork
- SUSE Linux Enterprise Module for Containers 12
- containerd, docker, docker-runc, golang-github-docker-libnetwork
- SUSE Linux Enterprise Module for Development Tools 15-SP1
- Git
- log4j
- SUSE Linux Enterprise Module for Development Tools 15
- Git
- log4j
- libsolv, libzypp, zypper
- SUSE Linux Enterprise Module for Basesystem 15-SP1
- Git
- log4j
- openssl-1_1
- SUSE Linux Enterprise Module for Basesystem 15
- Git
- log4j
- libsolv, libzypp, zypper
- SUSE Linux Enterprise Point of Sale 11-SP3
- java-1_7_0-ibm
- apache2-mod_perl
- log4j
- SUSE Linux Enterprise Debuginfo 11-SP4
- apache2-mod_perl
- SUSE Linux Enterprise Debuginfo 11-SP3
- apache2-mod_perl
- SUSE Linux Enterprise Module for Legacy Software 15-SP1
- openssl-1_0_0
- SUSE Linux Enterprise Module for Legacy Software 15
- openssl-1_0_0
- SUSE Linux Enterprise Module for Desktop Applications 15-SP1
- MozillaFirefox
- SUSE Linux Enterprise Module for Desktop Applications 15
- MozillaFirefox
- SUSE Linux Enterprise Installer 15
- libsolv, libzypp, zipper
- SUSE Linux Enterprise Module for Packagehub Subpackages 15
- php7
التهديدات:
يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:
- هجمة حجب الخدمة (DoS attack) عن بعد
- تنفيذ برمجيات خبيثة عن بعد
- الكشف والإفصاح غير المصرح به للمعلومات
- تجاوز آلية الحماية
الإجراءات الوقائية:
يوصي المركز بتحديث النسخ المتأثرة، حيث أصدرت SUSE توضيحًا لهذه التحديثات:
https://www.suse.com/support/update/