SUSE-SU-2022:3922-1

Published: 09 Nov 2022
Source: suse-cvrf

Description

Security update for protobuf

This update for protobuf fixes the following issues:

  • CVE-2021-22569: Fixed Denial of Service in protobuf-java in the parsing procedure for binary data (bsc#1194530).
  • CVE-2022-1941: Fix a potential DoS issue in protobuf-cpp and protobuf-python (bsc#1203681)
  • CVE-2022-3171: Fix a potential DoS issue when parsing with binary data in protobuf-java (bsc#1204256)

Package list

Container bci/bci-init:15.3
libprotobuf-lite20-3.9.2-150200.4.19.2
Container bci/node:12
libprotobuf-lite20-3.9.2-150200.4.19.2
Container bci/python:3
libprotobuf-lite20-3.9.2-150200.4.19.2
Container ses/7.1/ceph/grafana:latest
libprotobuf-lite20-3.9.2-150200.4.19.2
Container ses/7.1/ceph/haproxy:latest
libprotobuf-lite20-3.9.2-150200.4.19.2
Container ses/7.1/ceph/keepalived:latest
libprotobuf-lite20-3.9.2-150200.4.19.2
Container ses/7.1/ceph/prometheus-alertmanager:latest
libprotobuf-lite20-3.9.2-150200.4.19.2
Container ses/7.1/ceph/prometheus-node-exporter:latest
libprotobuf-lite20-3.9.2-150200.4.19.2
Container ses/7.1/ceph/prometheus-server:latest
libprotobuf-lite20-3.9.2-150200.4.19.2
Container ses/7.1/ceph/prometheus-snmp_notifier:latest
libprotobuf-lite20-3.9.2-150200.4.19.2
Container ses/7.1/cephcsi/cephcsi:latest
libprotobuf-lite20-3.9.2-150200.4.19.2
Container ses/7.1/cephcsi/csi-attacher:v4.1.0
libprotobuf-lite20-3.9.2-150200.4.19.2
Container ses/7.1/cephcsi/csi-node-driver-registrar:v2.7.0
libprotobuf-lite20-3.9.2-150200.4.19.2
Container ses/7.1/cephcsi/csi-provisioner:v3.4.0
libprotobuf-lite20-3.9.2-150200.4.19.2
Container ses/7.1/cephcsi/csi-resizer:v1.7.0
libprotobuf-lite20-3.9.2-150200.4.19.2
Container ses/7.1/cephcsi/csi-snapshotter:v6.2.1
libprotobuf-lite20-3.9.2-150200.4.19.2
Container ses/7.1/rook/ceph:latest
libprotobuf-lite20-3.9.2-150200.4.19.2
Container suse/hpc/warewulf4-x86_64/sle-hpc-node:latest
libprotobuf-lite20-3.9.2-150200.4.19.2
Container suse/sle15:15.3
libprotobuf-lite20-3.9.2-150200.4.19.2
Container suse/sle15:15.4
libprotobuf-lite20-3.9.2-150200.4.19.2
Container suse/sles/15.5/libguestfs-tools:0.58.0
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP2-BYOS-Azure
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP2-BYOS-EC2-HVM
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP2-HPC-BYOS-Azure
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP2-HPC-BYOS-EC2-HVM
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP2-SAP-Azure
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP2-SAP-Azure-LI-BYOS-Production
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP2-SAP-Azure-VLI-BYOS-Production
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP2-SAP-BYOS-Azure
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP2-SAP-BYOS-EC2-HVM
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP2-SAP-BYOS-GCE
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP2-SAP-EC2-HVM
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP2-SAP-GCE
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP3-BYOS-Azure
python3-protobuf-3.9.2-150200.4.19.2
Image SLES15-SP3-CHOST-BYOS-SAP-CCloud
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP3-HPC-BYOS-Azure
python3-protobuf-3.9.2-150200.4.19.2
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure
libprotobuf-lite20-3.9.2-150200.4.19.2
protobuf-java-3.9.2-150200.4.19.2
Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM
libprotobuf-lite20-3.9.2-150200.4.19.2
protobuf-java-3.9.2-150200.4.19.2
Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE
libprotobuf-lite20-3.9.2-150200.4.19.2
protobuf-java-3.9.2-150200.4.19.2
Image SLES15-SP3-SAP-BYOS-Azure
python3-protobuf-3.9.2-150200.4.19.2
Image SLES15-SP3-SAPCAL-Azure
python3-protobuf-3.9.2-150200.4.19.2
Image SLES15-SP4
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP4-Azure-Basic
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP4-Azure-Standard
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP4-EC2
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP4-EC2-ECS-HVM
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP4-GCE
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP4-HPC
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP4-HPC-Azure
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP4-Micro-5-3-Azure
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP4-Micro-5-3-GCE
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP4-Micro-5-4-Azure
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP4-SAP-Hardened-EC2
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP4-SUSE-Rancher-Setup-BYOS
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP4-SUSE-Rancher-Setup-BYOS-EC2
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP5-EC2-ECS-HVM
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP5-HPC-EC2
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP5-HPC-GCE
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP5-SAP-Azure
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP5-SAP-EC2
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP5-SAP-GCE
libprotobuf-lite20-3.9.2-150200.4.19.2
Image SLES15-SP5-SAP-Hardened-EC2
libprotobuf-lite20-3.9.2-150200.4.19.2
SUSE Enterprise Storage 7
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
SUSE Linux Enterprise Installer Updates 15 SP2
libprotobuf-lite20-3.9.2-150200.4.19.2
SUSE Linux Enterprise Micro 5.1
libprotobuf-lite20-3.9.2-150200.4.19.2
SUSE Linux Enterprise Micro 5.2
libprotobuf-lite20-3.9.2-150200.4.19.2
SUSE Linux Enterprise Micro 5.3
libprotobuf-lite20-3.9.2-150200.4.19.2
SUSE Linux Enterprise Module for Basesystem 15 SP3
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
SUSE Linux Enterprise Module for Basesystem 15 SP4
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
SUSE Linux Enterprise Module for Development Tools 15 SP3
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
SUSE Linux Enterprise Module for Development Tools 15 SP4
libprotoc20-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
SUSE Linux Enterprise Module for Package Hub 15 SP3
python2-protobuf-3.9.2-150200.4.19.2
python3-protobuf-3.9.2-150200.4.19.2
SUSE Linux Enterprise Module for Package Hub 15 SP4
python2-protobuf-3.9.2-150200.4.19.2
python3-protobuf-3.9.2-150200.4.19.2
SUSE Linux Enterprise Module for Public Cloud 15 SP2
python3-protobuf-3.9.2-150200.4.19.2
SUSE Linux Enterprise Module for Public Cloud 15 SP3
python3-protobuf-3.9.2-150200.4.19.2
SUSE Linux Enterprise Module for Public Cloud 15 SP4
python3-protobuf-3.9.2-150200.4.19.2
SUSE Linux Enterprise Server 15 SP2-BCL
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
SUSE Linux Enterprise Server 15 SP2-LTSS
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
SUSE Manager Proxy 4.1
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
SUSE Manager Retail Branch Server 4.1
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
SUSE Manager Server 4.1
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
SUSE Manager Server Module 4.1
protobuf-java-3.9.2-150200.4.19.2
SUSE Manager Server Module 4.2
protobuf-java-3.9.2-150200.4.19.2
SUSE Manager Server Module 4.3
protobuf-java-3.9.2-150200.4.19.2
openSUSE Leap 15.3
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-32bit-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-32bit-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-32bit-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-java-3.9.2-150200.4.19.2
protobuf-source-3.9.2-150200.4.19.2
python2-protobuf-3.9.2-150200.4.19.2
python3-protobuf-3.9.2-150200.4.19.2
openSUSE Leap 15.4
libprotobuf-lite20-3.9.2-150200.4.19.2
libprotobuf-lite20-32bit-3.9.2-150200.4.19.2
libprotobuf20-3.9.2-150200.4.19.2
libprotobuf20-32bit-3.9.2-150200.4.19.2
libprotoc20-3.9.2-150200.4.19.2
libprotoc20-32bit-3.9.2-150200.4.19.2
protobuf-devel-3.9.2-150200.4.19.2
protobuf-java-3.9.2-150200.4.19.2
protobuf-source-3.9.2-150200.4.19.2
python3-protobuf-3.9.2-150200.4.19.2
openSUSE Leap Micro 5.2
libprotobuf-lite20-3.9.2-150200.4.19.2

Description

An issue in protobuf-java allowed the interleaving of com.google.protobuf.UnknownFieldSet fields in such a way that they would be processed out of order. A small malicious payload can occupy the parser for several minutes by creating large numbers of short-lived objects that cause frequent, repeated pauses. We recommend upgrading libraries beyond the vulnerable versions.


Affected products
Container bci/bci-init:15.3:libprotobuf-lite20-3.9.2-150200.4.19.2
Container bci/node:12:libprotobuf-lite20-3.9.2-150200.4.19.2
Container bci/python:3:libprotobuf-lite20-3.9.2-150200.4.19.2
Container ses/7.1/ceph/grafana:latest:libprotobuf-lite20-3.9.2-150200.4.19.2

Description

A parsing vulnerability for the MessageSet type in the ProtocolBuffers versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 3.21.5 for protobuf-cpp, and versions prior to and including 3.16.1, 3.17.3, 3.18.2, 3.19.4, 3.20.1 and 4.21.5 for protobuf-python can lead to out of memory failures. A specially crafted message with multiple key-value per elements creates parsing issues, and can lead to a Denial of Service against services receiving unsanitized input. We recommend upgrading to versions 3.18.3, 3.19.5, 3.20.2, 3.21.6 for protobuf-cpp and 3.18.3, 3.19.5, 3.20.2, 4.21.6 for protobuf-python. Versions for 3.16 and 3.17 are no longer updated.


Affected products
Container bci/bci-init:15.3:libprotobuf-lite20-3.9.2-150200.4.19.2
Container bci/node:12:libprotobuf-lite20-3.9.2-150200.4.19.2
Container bci/python:3:libprotobuf-lite20-3.9.2-150200.4.19.2
Container ses/7.1/ceph/grafana:latest:libprotobuf-lite20-3.9.2-150200.4.19.2

Description

A parsing issue with binary data in protobuf-java core and lite versions prior to 3.21.7, 3.20.3, 3.19.6 and 3.16.3 can lead to a denial of service attack. Inputs containing multiple instances of non-repeated embedded messages with repeated or unknown fields cause objects to be converted back and forth between mutable and immutable forms, resulting in potentially long garbage collection pauses. We recommend updating to the versions mentioned above.


Affected products
Container bci/bci-init:15.3:libprotobuf-lite20-3.9.2-150200.4.19.2
Container bci/node:12:libprotobuf-lite20-3.9.2-150200.4.19.2
Container bci/python:3:libprotobuf-lite20-3.9.2-150200.4.19.2
Container ses/7.1/ceph/grafana:latest:libprotobuf-lite20-3.9.2-150200.4.19.2
