SUSE-SU-2021:4191-1

Опубликовано: 27 дек. 2021

Источник: suse-cvrf

Описание

Security update for net-snmp

This update for net-snmp fixes the following issues:

CVE-2020-15862: Make extended MIB read-only (bsc#1174961)

Список пакетов

Image SLES15-SAP-Azure

libsnmp30-5.7.3-7.13.1

net-snmp-5.7.3-7.13.1

perl-SNMP-5.7.3-7.13.1

snmp-mibs-5.7.3-7.13.1

Image SLES15-SAP-Azure-BYOS

libsnmp30-5.7.3-7.13.1

net-snmp-5.7.3-7.13.1

perl-SNMP-5.7.3-7.13.1

snmp-mibs-5.7.3-7.13.1

Image SLES15-SAP-Azure-LI-BYOS-Production

libsnmp30-5.7.3-7.13.1

net-snmp-5.7.3-7.13.1

perl-SNMP-5.7.3-7.13.1

snmp-mibs-5.7.3-7.13.1

Image SLES15-SAP-Azure-VLI-BYOS-Production

libsnmp30-5.7.3-7.13.1

net-snmp-5.7.3-7.13.1

perl-SNMP-5.7.3-7.13.1

snmp-mibs-5.7.3-7.13.1

Image SLES15-SAP-EC2-HVM

libsnmp30-5.7.3-7.13.1

net-snmp-5.7.3-7.13.1

perl-SNMP-5.7.3-7.13.1

snmp-mibs-5.7.3-7.13.1

Image SLES15-SAP-EC2-HVM-BYOS

libsnmp30-5.7.3-7.13.1

net-snmp-5.7.3-7.13.1

perl-SNMP-5.7.3-7.13.1

snmp-mibs-5.7.3-7.13.1

Image SLES15-SAP-GCE

libsnmp30-5.7.3-7.13.1

net-snmp-5.7.3-7.13.1

perl-SNMP-5.7.3-7.13.1

snmp-mibs-5.7.3-7.13.1

Image SLES15-SAP-GCE-BYOS

libsnmp30-5.7.3-7.13.1

net-snmp-5.7.3-7.13.1

perl-SNMP-5.7.3-7.13.1

snmp-mibs-5.7.3-7.13.1

SUSE Linux Enterprise High Performance Computing 15-ESPOS

libsnmp30-5.7.3-7.13.1

net-snmp-5.7.3-7.13.1

net-snmp-devel-5.7.3-7.13.1

perl-SNMP-5.7.3-7.13.1

snmp-mibs-5.7.3-7.13.1

SUSE Linux Enterprise High Performance Computing 15-LTSS

libsnmp30-5.7.3-7.13.1

net-snmp-5.7.3-7.13.1

net-snmp-devel-5.7.3-7.13.1

perl-SNMP-5.7.3-7.13.1

snmp-mibs-5.7.3-7.13.1

SUSE Linux Enterprise Server 15-LTSS

libsnmp30-5.7.3-7.13.1

net-snmp-5.7.3-7.13.1

net-snmp-devel-5.7.3-7.13.1

perl-SNMP-5.7.3-7.13.1

snmp-mibs-5.7.3-7.13.1

SUSE Linux Enterprise Server for SAP Applications 15

libsnmp30-5.7.3-7.13.1

net-snmp-5.7.3-7.13.1

net-snmp-devel-5.7.3-7.13.1

perl-SNMP-5.7.3-7.13.1

snmp-mibs-5.7.3-7.13.1

Ссылки

https://www.suse.com/support/update/announcement/2021/suse-su-20214191-1/
Link for SUSE-SU-2021:4191-1
https://lists.suse.com/pipermail/sle-security-updates/2021-December/009952.html
E-Mail link for SUSE-SU-2021:4191-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1152968
SUSE Bug 1152968
https://bugzilla.suse.com/1174961
SUSE Bug 1174961
https://www.suse.com/security/cve/CVE-2020-15862/
SUSE CVE CVE-2020-15862 page

Описание

Net-SNMP through 5.8 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.

Затронутые продукты

Image SLES15-SAP-Azure-BYOS:libsnmp30-5.7.3-7.13.1

Image SLES15-SAP-Azure-BYOS:net-snmp-5.7.3-7.13.1

Image SLES15-SAP-Azure-BYOS:perl-SNMP-5.7.3-7.13.1

Image SLES15-SAP-Azure-BYOS:snmp-mibs-5.7.3-7.13.1

Ссылки

https://www.suse.com/security/cve/CVE-2020-15862.html
CVE-2020-15862
https://bugzilla.suse.com/1174961
SUSE Bug 1174961
https://bugzilla.suse.com/1193875
SUSE Bug 1193875
https://bugzilla.suse.com/1196341
SUSE Bug 1196341

SUSE-SU-2021:4191-1

Описание

Список пакетов

Image SLES15-SAP-Azure

Image SLES15-SAP-Azure-BYOS

Image SLES15-SAP-Azure-LI-BYOS-Production

Image SLES15-SAP-Azure-VLI-BYOS-Production

Image SLES15-SAP-EC2-HVM

Image SLES15-SAP-EC2-HVM-BYOS

Image SLES15-SAP-GCE

Image SLES15-SAP-GCE-BYOS

SUSE Linux Enterprise High Performance Computing 15-ESPOS

SUSE Linux Enterprise High Performance Computing 15-LTSS

SUSE Linux Enterprise Server 15-LTSS

SUSE Linux Enterprise Server for SAP Applications 15

Ссылки

Уязвимость: CVE-2020-15862

Описание

Затронутые продукты

Ссылки