الوصف:

أصدرت SUSE عدة تحديثات لمعالجة عدد من الثغرات في المنتجات التالية:

• ovmf
  • SUSE Linux Enterprise Module for Server Applications 15-SP1
• libpng16
  • SUSE OpenStack Cloud 8
  • SUSE OpenStack Cloud 7
  • SUSE Linux Enterprise Server for SAP 12-SP3
  • SUSE Linux Enterprise Server for SAP 12-SP2
  • SUSE Linux Enterprise Server for SAP 12-SP1
  • SUSE Linux Enterprise Server 12-SP3-LTSS
  • SUSE Linux Enterprise Server 12-SP3-BCL
  • SUSE Linux Enterprise Server 12-SP2-LTSS
  • SUSE Linux Enterprise Server 12-SP2-BCL
  • SUSE Linux Enterprise Server 12-SP1-LTSS
  • SUSE Enterprise Storage 5
• compat-openssl098
  • SUSE Linux Enterprise Server for SAP 12-SP5
  • SUSE Linux Enterprise Server for SAP 12-SP4
  • SUSE Linux Enterprise Server for SAP 12-SP3
  • SUSE Linux Enterprise Server for SAP 12-SP2
  • SUSE Linux Enterprise Server for SAP 12-SP1
  • SUSE Linux Enterprise Module for Legacy Software 12
• python
  • SUSE Linux Enterprise Server 11-SP4-LTSS
  • SUSE Linux Enterprise Point of Sale 11-SP3
  • SUSE Linux Enterprise Debuginfo 11-SP4
  • SUSE Linux Enterprise Debuginfo 11-SP3
• yast2-rmt
  • SUSE Linux Enterprise Module for Server Applications 15-SP1
• Linux Kernel
  • SUSE Linux Enterprise High Availability 12-SP4
  • SUSE Linux Enterprise High Availability 12-SP5
  • SUSE Linux Enterprise Live Patching 12-SP4
  • SUSE Linux Enterprise Live Patching 12-SP5
  • SUSE Linux Enterprise Server 12-SP4
  • SUSE Linux Enterprise Server 12-SP5
  • SUSE Linux Enterprise Software Development Kit 12-SP4
  • SUSE Linux Enterprise Software Development Kit 12-SP5
  • SUSE Linux Enterprise Workstation Extension 12-SP4
  • SUSE Linux Enterprise Workstation Extension 12-SP5
  • SUSE Linux Enterprise Real Time Extension 12-SP4

• • SUSE Linux Enterprise Real Time Extension 12-SP5
• cloud-init
  • SUSE Linux Enterprise Module for Public Cloud 15
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
• postgresql96
  • SUSE OpenStack Cloud Crowbar 8
  • SUSE OpenStack Cloud 8
  • SUSE OpenStack Cloud 7
  • SUSE Linux Enterprise Server for SAP 12-SP3
  • SUSE Linux Enterprise Server for SAP 12-SP2
  • SUSE Linux Enterprise Server for SAP 12-SP1
  • SUSE Linux Enterprise Server 12-SP3-LTSS
  • SUSE Linux Enterprise Server 12-SP3-BCL
  • SUSE Linux Enterprise Server 12-SP2-LTSS
  • SUSE Linux Enterprise Server 12-SP2-BCL
  • SUSE Linux Enterprise Server 12-SP1-LTSS
  • SUSE Enterprise Storage 5
  • HPE Helion Openstack 8
• postgresql10
  • SUSE Linux Enterprise Server for SAP 15
  • SUSE Linux Enterprise Server 15-LTSS
  • SUSE Linux Enterprise Module for Server Applications 15
  • SUSE Linux Enterprise Module for Packagehub Subpackages 15
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
  • SUSE Linux Enterprise Module for Basesystem 15
  • SUSE Linux Enterprise High Performance Computing 15-LTSS
  • SUSE Linux Enterprise High Performance Computing 15-ESPOS
• gd
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1
  • SUSE Linux Enterprise Module for Desktop Applications 15-SP1
  • SUSE Linux Enterprise Module for Basesystem 15-SP1
• tomcat
  • SUSE Linux Enterprise Server for SAP 15
  • SUSE Linux Enterprise Server 15-LTSS
  • SUSE Linux Enterprise High Performance Computing 15-LTSS
  • SUSE Linux Enterprise High Performance Computing 15-ESPOS
• gimp
  • SUSE Linux Enterprise Workstation Extension 12-SP5
  • SUSE Linux Enterprise Workstation Extension 12-SP4
  • SUSE Linux Enterprise Software Development Kit 12-SP5
  • SUSE Linux Enterprise Software Development Kit 12-SP4
  • SUSE Linux Enterprise Desktop 12-SP4
• librsvg
  • SUSE Linux Enterprise Software Development Kit 12-SP5
  • SUSE Linux Enterprise Software Development Kit 12-SP4
  • SUSE Linux Enterprise Server 12-SP5
  • SUSE Linux Enterprise Server 12-SP4

التهديدات:

يمكن للمهاجم استغلال الثغرات وتنفيذ ما يلي:

• هجمة حجب الخدمة (DoS attack)
• الكشف والإفصاح غير المصرح به للمعلومات
• تنفيذ برمجيات خبيثة

الإجراءات الوقائية:

يوصي المركز بتحديث النسخ المتأثرة حيث أصدرتSUSE توضيحًا لهذه التحديثات:

• https://www.suse.com/support/update/announcement/2020/suse-su-20200568-1/
• https://www.suse.com/support/update/announcement/2020/suse-su-20193060-2/
• https://www.suse.com/support/update/announcement/2020/suse-su-20200576-1/
• https://www.suse.com/support/update/announcement/2020/suse-su-202014306-1/
• https://www.suse.com/support/update/announcement/2020/suse-su-20200578-1/
• https://www.suse.com/support/update/announcement/2020/suse-su-20200580-1/
• https://www.suse.com/support/update/announcement/2020/suse-su-20200584-1/
• https://www.suse.com/support/update/announcement/2020/suse-su-20200585-1/
• https://www.suse.com/support/update/announcement/2020/suse-su-20200586-1/
• https://www.suse.com/support/update/announcement/2020/suse-su-20200589-1/
• https://www.suse.com/support/update/announcement/2020/suse-su-20200594-1/
• https://www.suse.com/support/update/announcement/2020/suse-su-20200598-1/
• https://www.suse.com/support/update/announcement/2020/suse-su-20200599-1/
• https://www.suse.com/support/update/announcement/2020/suse-su-20200601-1/
• https://www.suse.com/support/update/announcement/2020/suse-su-20200604-1/
• https://www.suse.com/support/update/announcement/2020/suse-su-20200605-1/