الوصف:

أصدرت SUSE عدّة تحديثات لمعالجة عددٍ من الثغرات في المنتجات التالية:

• python-cryptography
  • SUSE Linux Enterprise Module for Python2 15-SP2
  • SUSE Linux Enterprise Module for Basesystem 15-SP2
• rpmlint
  • SUSE Linux Enterprise Module for Development Tools 15-SP2
• postgresql-jdbc
  • SUSE Linux Enterprise Server 12-SP5
• ImageMagick
  • SUSE Linux Enterprise Workstation Extension 12-SP5
  • SUSE Linux Enterprise Software Development Kit 12-SP5
  • SUSE Linux Enterprise Server 12-SP5
  • SUSE Linux Enterprise Module for Development Tools 15-SP2
  • SUSE Linux Enterprise Module for Desktop Applications 15-SP2
• python-Jinja2
  • SUSE OpenStack Cloud 7
  • SUSE Linux Enterprise Point of Sale 12-SP2
  • SUSE OpenStack Cloud Crowbar 9
  • SUSE OpenStack Cloud 9
  • SUSE OpenStack Cloud Crowbar 8
  • SUSE OpenStack Cloud 8
  • HPE Helion Openstack 8
  • SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS
  • SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS
  • SUSE Linux Enterprise Server 11-PUBCLOUD
  • SUSE Manager Tools 12
  • SUSE Linux Enterprise Module for Public Cloud 12
  • SUSE Linux Enterprise Module for Advanced Systems Management 12
  • SUSE Manager Server 4.0
  • SUSE Manager Retail Branch Server 4.0
  • SUSE Manager Proxy 4.0
  • SUSE Linux Enterprise Server for SAP 15-SP1
  • SUSE Linux Enterprise Server for SAP 15
  • SUSE Linux Enterprise Server 15-SP1-LTSS
  • SUSE Linux Enterprise Server 15-SP1-BCL
  • SUSE Linux Enterprise Server 15-LTSS
  • SUSE Linux Enterprise Module for Python2 15-SP3
  • SUSE Linux Enterprise Module for Python2 15-SP2
  • SUSE Linux Enterprise Module for Basesystem 15-SP3
  • SUSE Linux Enterprise Module for Basesystem 15-SP2
  • SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
  • SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
  • SUSE Linux Enterprise High Performance Computing 15-LTSS
  • SUSE Linux Enterprise High Performance Computing 15-ESPOS
  • SUSE Enterprise Storage 6
  • SUSE CaaS Platform 4.0
• glibc
  • SUSE Linux Enterprise Software Development Kit 12-SP5
  • SUSE Linux Enterprise Server 12-SP5
  • SUSE Manager Server 4.0
  • SUSE Manager Retail Branch Server 4.0
  • SUSE Manager Proxy 4.0
  • SUSE Linux Enterprise Server for SAP 15-SP1
  • SUSE Linux Enterprise Server for SAP 15
  • SUSE Linux Enterprise Server 15-SP1-LTSS
  • SUSE Linux Enterprise Server 15-SP1-BCL
  • SUSE Linux Enterprise Server 15-LTSS
  • SUSE Linux Enterprise Module for Development Tools 15-SP2
  • SUSE Linux Enterprise Module for Basesystem 15-SP2
  • SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
  • SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
  • SUSE Linux Enterprise High Performance Computing 15-LTSS
  • SUSE Linux Enterprise High Performance Computing 15-ESPOS
  • SUSE Enterprise Storage 6
  • SUSE CaaS Platform 4.0
• salt
  • SUSE Manager Ubuntu 20.04-CLIENT-TOOLS
  • SUSE Manager Debian 9.0-CLIENT-TOOLS
  • SUSE Manager Ubuntu 16.04-CLIENT-TOOLS
  • SUSE Manager Ubuntu 18.04-CLIENT-TOOLS
  • SUSE Manager Debian 10-CLIENT-TOOLS
  • SUSE Manager Tools 12
  • SUSE Linux Enterprise Point of Sale 12-SP2
  • SUSE Linux Enterprise Module for Advanced Systems Management 12
  • SUSE Linux Enterprise Server for SAP 15
  • SUSE Linux Enterprise Server 15-LTSS
  • SUSE Linux Enterprise High Performance Computing 15-LTSS
  • SUSE Linux Enterprise High Performance Computing 15-ESPOS
  • SUSE Linux Enterprise Server 11-SP4-CLIENT-TOOLS
  • SUSE Linux Enterprise Server 11-SP3-CLIENT-TOOLS
  • SUSE Linux Enterprise Module for Server Applications 15-SP2
  • SUSE Linux Enterprise Module for Python2 15-SP2
  • SUSE Linux Enterprise Module for Basesystem 15-SP2
  • SUSE Manager Server 4.0
  • SUSE Manager Retail Branch Server 4.0
  • SUSE Manager Proxy 4.0
  • SUSE Linux Enterprise Server for SAP 15-SP1
  • SUSE Linux Enterprise Server 15-SP1-LTSS
  • SUSE Linux Enterprise Server 15-SP1-BCL
  • SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS
  • SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS
  • SUSE Enterprise Storage 6
  • SUSE CaaS Platform 4.0
• py26-compat-salt
  • SUSE Linux Enterprise Module for SUSE Manager Server 4.1
  • SUSE Linux Enterprise Module for SUSE Manager Server 4.0
• csync2
  • SUSE Linux Enterprise High Availability 12-SP5
  • SUSE Linux Enterprise High Availability 12-SP4
  • SUSE Linux Enterprise High Availability 12-SP3
• nodejs14
  • SUSE Linux Enterprise Module for Web Scripting 15-SP2
  • SUSE Linux Enterprise Module for Web Scripting 12
• nodejs12
  • SUSE Linux Enterprise Module for Web Scripting 12
  • SUSE Linux Enterprise Module for Web Scripting 15-SP2
• java-1_8_0-ibm
  • SUSE OpenStack Cloud Crowbar 9
  • SUSE OpenStack Cloud Crowbar 8
  • SUSE OpenStack Cloud 9
  • SUSE OpenStack Cloud 8
  • SUSE OpenStack Cloud 7
  • SUSE Linux Enterprise Software Development Kit 12-SP5
  • SUSE Linux Enterprise Server for SAP 12-SP4
  • SUSE Linux Enterprise Server for SAP 12-SP3
  • SUSE Linux Enterprise Server for SAP 12-SP2
  • SUSE Linux Enterprise Server 12-SP5
  • SUSE Linux Enterprise Server 12-SP4-LTSS
  • SUSE Linux Enterprise Server 12-SP3-LTSS
  • SUSE Linux Enterprise Server 12-SP3-BCL
  • SUSE Linux Enterprise Server 12-SP2-LTSS
  • SUSE Linux Enterprise Server 12-SP2-BCL
  • HPE Helion Openstack 8

التهديدات:

يمكن للمهاجم استغلال هذه الثغرات وتنفيذ ما يلي:

• حجب الخدمة (DoS)
• تجاوز سعة مخزن الذاكرة المؤقت
• تنفيذ برمجيات خبيثة

الإجراءات الوقائية:

يوصي المركز بتحديث المنتجات المتأثرة، حيث أصدرت SUSE توضيحًا لهذه التحديثات:

• https://www.suse.com/support/update/announcement/2021/suse-su-20210594-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210597-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210599-1
• https://www.suse.com/support/update/announcement/2021/suse-su-20210600-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210601-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210602-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210603-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210605-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-202114644-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210607-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210608-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-202114646-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210619-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-202114647-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-202114649-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210624-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210625-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210626-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210627-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210628-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-202114650-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210630-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210631-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210647-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210648-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210649-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210650-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210651-1
• https://www.suse.com/support/update/announcement/2021/suse-su-20210652-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210653-1/
• https://www.suse.com/support/update/announcement/2021/suse-su-20210654-1/