SUSE Updates

Your review has been sent successfully

SUSE Updates

2277

Classification

Security Alert

● Critical

● High

● Medium

● Low

Warning Date

Severity Level

Warning Number

Target Sector

23 February, 2020

● High

2020-942

All

Description:

SUSE has released security updates to address multiple vulnerabilities in the following products:

SUSE Linux Enterprise Module for Web Scripting 12
- nodejs10
- php72
SUSE Linux Enterprise Point of Sale 11-SP3
- java-1_7_0-ibm
SUSE Linux Enterprise Module for Packagehub Subpackages 15-SP1
- libsolv
- libzypp
- zypper
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1
- libsolv
- libzypp
- zypper
- sudo
SUSE Linux Enterprise Module for Development Tools 15-SP1
- libsolv
- libzypp
- zypper
SUSE Linux Enterprise Module for Basesystem 15-SP1
- libsolv
- libzypp
- zypper
- sudo
- ipmitool
SUSE Linux Enterprise Server 11-SP4-LTSS
- java-1_7_1-ibm
SUSE Linux Enterprise Module for HPC 12
- pdsh
- slurm
SUSE Linux Enterprise Server for SAP 12-SP1
- rsyslog
- gcc9
- sudo
SUSE Linux Enterprise Server 12-SP1-LTSS
- rsyslog
- gcc9
- sudo
SUSE OpenStack Cloud Crowbar 9
- dnsmasq
SUSE OpenStack Cloud Crowbar 8
- dnsmasq
- wicked
- sudo
- dbus-1
- gcc9
SUSE OpenStack Cloud 9
- dnsmasq
SUSE OpenStack Cloud 8
- dnsmasq
- wicked
- sudo
- dbus-1
- gcc9
SUSE OpenStack Cloud 7
- dnsmasq
- wicked
- sudo
- gcc9
SUSE Linux Enterprise Server 12-SP5
- dnsmasq
- dpdk
- ImageMagick
- sudo
- gcc9
SUSE Linux Enterprise Server 12-SP4
- dnsmasq
- ImageMagick
- sudo
- gcc9
SUSE Linux Enterprise Desktop 12-SP4
- dnsmasq
- ImageMagick
- sudo
HPE Helion Openstack 8
- dnsmasq
- wicked
- sudo
- dbus-1
- gcc9
SUSE Linux Enterprise Workstation Extension 15-SP1
- enigmail
SUSE Linux Enterprise Software Development Kit 12-SP5
- dpdk
- ImageMagick
- sudo
- php72
- fontforge
SUSE Linux Enterprise Workstation Extension 12-SP5
- ImageMagick
SUSE Linux Enterprise Workstation Extension 12-SP4
- ImageMagick
SUSE Linux Enterprise Software Development Kit 12-SP4
- ImageMagick
- sudo
- php72
- fontforge
SUSE Linux Enterprise Server for SAP 12-SP3
- wicked
- sudo
- dbus-1
- gcc9
SUSE Linux Enterprise Server for SAP 12-SP2
- wicked
- sudo
- gcc9
SUSE Linux Enterprise Server 12-SP3-LTSS
- wicked
- sudo
- gcc9
SUSE Linux Enterprise Server 12-SP3-BCL
- wicked
- sudo
- gcc9
SUSE Linux Enterprise Server 12-SP2-LTSS
- wicked
- sudo
- gcc9
SUSE Linux Enterprise Server 12-SP2-BCL
- wicked
- sudo
- gcc9
SUSE Enterprise Storage 5
- wicked
- sudo
- dbus-1
- gcc9
SUSE CaaS Platform 3.0
- wicked
- sudo
SUSE Linux Enterprise Server for SAP 15
- sudo
SUSE Linux Enterprise Server 15-LTSS
- sudo
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15
- sudo
SUSE Linux Enterprise Module for Basesystem 15
- sudo
SUSE Linux Enterprise High Performance Computing 15-LTSS
- sudo
SUSE Linux Enterprise High Performance Computing 15-ESPOS
- sudo
SUSE Linux Enterprise Module for Server Applications 15-SP1
- ipmitool
SUSE Linux Enterprise Module for Server Applications 15-SP1
- gcc9

Threats:

Attacker could exploit these vulnerabilities by doing the following:

Denial of service attack (DoS).
Privilege escalation.
Execute arbitrary code.

Best practice and Recommendations:

The CERT team encourages users to review SUSE security advisory and apply the necessary Updates:

https://www.suse.com/support/update/announcement/2020/suse-su-20200390-1/

Last updated at 23 February, 2020

SUSE Updates

Classification

Most Viewed Warnings