The official site for Saudi CERT
SUSE Updates
2636
Warning Date
Severity Level
Warning Number
Target Sector
13 September, 2020
● Medium
2020-1758
All
Description:
SUSE has released security updates to address multiple vulnerabilities in the following products:
- libxml2
- SUSE Linux Enterprise Module for Python2 15-SP2
- SUSE Linux Enterprise Module for Python2 15-SP1
- SUSE Linux Enterprise Module for Basesystem 15-SP2
- SUSE Linux Enterprise Module for Basesystem 15-SP1
- tomcat
- SUSE OpenStack Cloud Crowbar 8
- SUSE OpenStack Cloud 8
- SUSE OpenStack Cloud 7
- SUSE Linux Enterprise Server for SAP 12-SP3
- SUSE Linux Enterprise Server for SAP 12-SP2
- SUSE Linux Enterprise Server 12-SP3-LTSS
- SUSE Linux Enterprise Server 12-SP3-BCL
- SUSE Linux Enterprise Server 12-SP2-LTSS
- SUSE Linux Enterprise Server 12-SP2-BCL
- SUSE Enterprise Storage 5
- HPE Helion Openstack 8
- Linux Kernel
- SUSE Linux Enterprise Server for SAP 15
- SUSE Linux Enterprise Server 15-LTSS
- SUSE Linux Enterprise Module for Live Patching 15
- SUSE Linux Enterprise High Performance Computing 15-LTSS
- SUSE Linux Enterprise High Performance Computing 15-ESPOS
- SUSE Linux Enterprise High Availability 15
- SUSE Linux Enterprise Real Time Extension 12-SP5
- libxml2
- SUSE Linux Enterprise Software Development Kit 12-SP5
- SUSE Linux Enterprise Server 12-SP5
- pdsh, slurm_20_02
- SUSE Linux Enterprise Module for HPC 12
- golang-github-prometheus-prometheus
- SUSE Enterprise Storage 6
- gimp
- SUSE Linux Enterprise Workstation Extension 15-SP1
- SUSE Linux Enterprise Workstation Extension 12-SP5
- SUSE Linux Enterprise Software Development Kit 12-SP5
- slurm
- SUSE Linux Enterprise Module for HPC 15-SP1
- SUSE Linux Enterprise High Performance Computing 15-LTSS
- SUSE Linux Enterprise High Performance Computing 15-ESPOS
- SUSE Linux Enterprise Module for HPC 12
- SUSE Linux Enterprise Module for HPC 15-SP1
- slurm_18_08
- SUSE Linux Enterprise Module for HPC 12
- SUSE Linux Enterprise High Performance Computing 15-LTSS
- SUSE Linux Enterprise High Performance Computing 15-ESPOS
Threats:
Attacker could exploit these vulnerabilities by doing the following:
- Obtain sensitive information.
- Privilege escalation.
- Memory crupption
- Bypass security restrictions
Best practice and Recommendations:
The CERT team encourages users to review SUSE security advisory and apply the necessary updates:
- https://www.suse.com/support/update/announcement/2020/suse-su-20202612-1/
- https://www.suse.com/support/update/announcement/2020/suse-su-20202611-1/
- https://www.suse.com/support/update/announcement/2020/suse-su-20202610-1/
- https://www.suse.com/support/update/announcement/2020/suse-su-20202609-1/
- https://www.suse.com/support/update/announcement/2020/suse-su-20202609-1/
- https://www.suse.com/support/update/announcement/2020/suse-su-20202607-1/
- https://www.suse.com/support/update/announcement/2020/suse-su-20202606-1/
- https://www.suse.com/support/update/announcement/2020/suse-su-20202605-1/
- https://www.suse.com/support/update/announcement/2020/suse-su-20202604-1/
- https://www.suse.com/support/update/announcement/2020/suse-su-20202603-1/
- https://www.suse.com/support/update/announcement/2020/suse-su-20202602-1/
- https://www.suse.com/support/update/announcement/2020/suse-su-20202601-1/
- https://www.suse.com/support/update/announcement/2020/suse-su-20202600-1/
- https://www.suse.com/support/update/announcement/2020/suse-su-20202599-1/
- https://www.suse.com/support/update/announcement/2020/suse-su-20202598-1/
Rate the content
Share the page
