SUSE-SU-2021:0109-1

Опубликовано: 13 янв. 2021

Источник: suse-cvrf

Описание

Security update for libzypp, zypper

This update for libzypp, zypper fixes the following issues:

Update zypper to version 1.14.41

Update libzypp to 17.25.4

CVE-2017-9271: Fixed information leak in the log file (bsc#1050625 bsc#1177583)
RepoManager: Force refresh if repo url has changed (bsc#1174016)
RepoManager: Carefully tidy up the caches. Remove non-directory entries. (bsc#1178966)
RepoInfo: ignore legacy type= in a .repo file and let RepoManager probe (bsc#1177427).
RpmDb: If no database exists use the _dbpath configured in rpm. Still makes sure a compat symlink at /var/lib/rpm exists in case the configures _dbpath is elsewhere. (bsc#1178910)
Fixed update of gpg keys with elongated expire date (bsc#179222)
needreboot: remove udev from the list (bsc#1179083)
Fix lsof monitoring (bsc#1179909)

yast-installation was updated to 4.2.48:

Do not cleanup the libzypp cache when the system has low memory, incomplete cache confuses libzypp later (bsc#1179415)

Список пакетов

Container bci/bci-init:15.3

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container bci/golang:1.16

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container bci/golang:1.17

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container bci/golang:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container bci/node:12

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container bci/node:14

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container bci/nodejs:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container bci/openjdk-devel:11

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container bci/openjdk:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container bci/python:3

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container bci/ruby:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7.1/ceph/grafana:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7.1/ceph/haproxy:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7.1/ceph/keepalived:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7.1/ceph/prometheus-alertmanager:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7.1/ceph/prometheus-node-exporter:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7.1/ceph/prometheus-server:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7.1/ceph/prometheus-snmp_notifier:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7.1/cephcsi/cephcsi:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7.1/cephcsi/csi-attacher:v4.1.0

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7.1/cephcsi/csi-node-driver-registrar:v2.7.0

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7.1/cephcsi/csi-provisioner:v3.4.0

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7.1/cephcsi/csi-resizer:v1.7.0

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7.1/cephcsi/csi-snapshotter:v6.2.1

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7.1/rook/ceph:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7/ceph/grafana:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7/ceph/prometheus-alertmanager:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7/ceph/prometheus-node-exporter:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7/ceph/prometheus-server:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7/cephcsi/cephcsi:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7/cephcsi/csi-attacher:v3.3.0

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7/cephcsi/csi-livenessprobe:v1.1.0

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7/cephcsi/csi-node-driver-registrar:v2.3.0

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7/cephcsi/csi-provisioner:v3.0.0

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7/cephcsi/csi-resizer:v1.3.0

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7/cephcsi/csi-snapshotter:v2.1.0

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7/cephcsi/csi-snapshotter:v4.2.0

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7/prometheus-webhook-snmp:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container ses/7/rook/ceph:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container suse/sle-micro-rancher/5.2:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container suse/sle-micro/5.0/toolbox:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container suse/sle-micro/5.1/toolbox:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container suse/sle-micro/5.2/toolbox:latest

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container suse/sle15:15.2

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container suse/sle15:15.3

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Container suse/sles/15.3/libguestfs-tools:0.45.0

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP2-Azure-Basic

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-Azure-Standard

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-BYOS-Azure

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-BYOS-EC2-HVM

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-BYOS-GCE

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-CHOST-BYOS-Aliyun

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP2-CHOST-BYOS-Azure

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP2-CHOST-BYOS-EC2

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP2-CHOST-BYOS-GCE

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP2-EC2-ECS-HVM

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP2-EC2-HVM

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-GCE

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-HPC-Azure

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-HPC-BYOS-Azure

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-HPC-BYOS-EC2-HVM

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-Manager-4-1-Proxy-BYOS-Azure

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-Manager-4-1-Proxy-BYOS-EC2-HVM

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-Manager-4-1-Proxy-BYOS-GCE

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-Manager-4-1-Server-BYOS-Azure

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-Manager-4-1-Server-BYOS-EC2-HVM

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-Manager-4-1-Server-BYOS-GCE

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-SAP-Azure

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-SAP-Azure-LI-BYOS-Production

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-SAP-BYOS-Azure

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-SAP-BYOS-EC2-HVM

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-SAP-BYOS-GCE

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-SAP-EC2-HVM

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP2-SAP-GCE

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

Image SLES15-SP3-BYOS-Azure

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-BYOS-EC2-HVM

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-BYOS-GCE

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-CHOST-BYOS-Aliyun

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-CHOST-BYOS-Azure

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-CHOST-BYOS-EC2

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-CHOST-BYOS-GCE

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-CHOST-BYOS-SAP-CCloud

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-EC2-ECS-HVM

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-EC2-HVM

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-GCE

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-HPC-Azure

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-HPC-BYOS-Azure

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-HPC-BYOS-EC2-HVM

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-HPC-BYOS-GCE

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-Micro-5-1-BYOS-Azure

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

zypper-needs-restarting-1.14.41-3.14.10

Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

zypper-needs-restarting-1.14.41-3.14.10

Image SLES15-SP3-Micro-5-1-BYOS-GCE

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

zypper-needs-restarting-1.14.41-3.14.10

Image SLES15-SP3-Micro-5-2-BYOS-Azure

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

zypper-needs-restarting-1.14.41-3.14.10

Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

zypper-needs-restarting-1.14.41-3.14.10

Image SLES15-SP3-Micro-5-2-BYOS-GCE

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

zypper-needs-restarting-1.14.41-3.14.10

Image SLES15-SP3-Micro-BYOS-GCE

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

zypper-needs-restarting-1.14.41-3.14.10

Image SLES15-SP3-SAP-Azure

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-SAP-BYOS-Azure

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-SAP-BYOS-EC2-HVM

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-SAP-BYOS-GCE

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-SAP-EC2-HVM

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-SAP-GCE

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-SAPCAL-Azure

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-SAPCAL-EC2-HVM

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

Image SLES15-SP3-SAPCAL-GCE

libzypp-17.25.5-3.25.6

zypper-1.14.41-3.14.10

SUSE Linux Enterprise Installer Updates 15 SP2

libzypp-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

SUSE Linux Enterprise Module for Basesystem 15 SP2

libzypp-17.25.5-3.25.6

libzypp-devel-17.25.5-3.25.6

yast2-installation-4.2.48-3.16.1

zypper-1.14.41-3.14.10

zypper-log-1.14.41-3.14.10

zypper-needs-restarting-1.14.41-3.14.10

Ссылки

https://www.suse.com/support/update/announcement/2021/suse-su-20210109-1/
Link for SUSE-SU-2021:0109-1
https://lists.suse.com/pipermail/sle-security-updates/2021-January/008193.html
E-Mail link for SUSE-SU-2021:0109-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1050625
SUSE Bug 1050625
https://bugzilla.suse.com/1174016
SUSE Bug 1174016
https://bugzilla.suse.com/1177238
SUSE Bug 1177238
https://bugzilla.suse.com/1177275
SUSE Bug 1177275
https://bugzilla.suse.com/1177427
SUSE Bug 1177427
https://bugzilla.suse.com/1177583
SUSE Bug 1177583
https://bugzilla.suse.com/1178910
SUSE Bug 1178910
https://bugzilla.suse.com/1178966
SUSE Bug 1178966
https://bugzilla.suse.com/1179083
SUSE Bug 1179083
https://bugzilla.suse.com/1179222
SUSE Bug 1179222
https://bugzilla.suse.com/1179415
SUSE Bug 1179415
https://bugzilla.suse.com/1179909
SUSE Bug 1179909
https://www.suse.com/security/cve/CVE-2017-9271/
SUSE CVE CVE-2017-9271 page

Описание

The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used.

Затронутые продукты

Container bci/bci-init:15.3:libzypp-17.25.5-3.25.6

Container bci/bci-init:15.3:zypper-1.14.41-3.14.10

Container bci/golang:1.16:libzypp-17.25.5-3.25.6

Container bci/golang:1.16:zypper-1.14.41-3.14.10

Ссылки

https://www.suse.com/security/cve/CVE-2017-9271.html
CVE-2017-9271
https://bugzilla.suse.com/1050625
SUSE Bug 1050625