{"affected":[{"ecosystem_specific":{"binaries":[{"warewulf4":"4.6.0-150500.6.34.1","warewulf4-dracut":"4.6.0-150500.6.34.1","warewulf4-man":"4.6.0-150500.6.34.1","warewulf4-overlay":"4.6.0-150500.6.34.1","warewulf4-overlay-slurm":"4.6.0-150500.6.34.1","warewulf4-reference-doc":"4.6.0-150500.6.34.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for HPC 15 SP6","name":"warewulf4","purl":"pkg:rpm/suse/warewulf4&distro=SUSE%20Linux%20Enterprise%20Module%20for%20HPC%2015%20SP6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.6.0-150500.6.34.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"warewulf4":"4.6.0-150500.6.34.1","warewulf4-dracut":"4.6.0-150500.6.34.1","warewulf4-man":"4.6.0-150500.6.34.1","warewulf4-overlay":"4.6.0-150500.6.34.1","warewulf4-overlay-slurm":"4.6.0-150500.6.34.1","warewulf4-reference-doc":"4.6.0-150500.6.34.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP5-ESPOS","name":"warewulf4","purl":"pkg:rpm/suse/warewulf4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.6.0-150500.6.34.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"warewulf4":"4.6.0-150500.6.34.1","warewulf4-dracut":"4.6.0-150500.6.34.1","warewulf4-man":"4.6.0-150500.6.34.1","warewulf4-overlay":"4.6.0-150500.6.34.1","warewulf4-overlay-slurm":"4.6.0-150500.6.34.1","warewulf4-reference-doc":"4.6.0-150500.6.34.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP5-LTSS","name":"warewulf4","purl":"pkg:rpm/suse/warewulf4&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.6.0-150500.6.34.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"warewulf4":"4.6.0-150500.6.34.1","warewulf4-dracut":"4.6.0-150500.6.34.1","warewulf4-man":"4.6.0-150500.6.34.1","warewulf4-overlay":"4.6.0-150500.6.34.1","warewulf4-overlay-slurm":"4.6.0-150500.6.34.1","warewulf4-reference-doc":"4.6.0-150500.6.34.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.6","name":"warewulf4","purl":"pkg:rpm/opensuse/warewulf4&distro=openSUSE%20Leap%2015.6"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.6.0-150500.6.34.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for warewulf4 fixes the following issues:\n\nwarewulf4 was updated from version 4.5.8 to 4.6.0:\n\n- Security issues fixed for version 4.6.0:\n\n  * CVE-2025-22869: Fixed Denial of Service vulnerability in the Key Exchange of golang.org/x/crypto/ssh (bsc#1239322)\n  * CVE-2025-22870: Fixed proxy bypass using IPv6 zone IDs (bsc#1238611)\n\n- User visible changes:\n\n  * Default values `nodes.conf`:\n    \n    + The default values for `kernel command line`, `init parameters` and `root` are now set in the `default` profile\n      and this profileshould be included in every profile.\n      During the installation of an update an upgrade is done to `nodes.conf` which updates the database accordingly.\n\n  * Overlay split up:\n\n    + The overlays `wwinit` and `runtime` are now split up in different overlays named according to their role.\n      The upgrade process will update the node database and replace the overlays `wwinit` and `runtime` with a list\n      of overlays with same role.\n\n  * Site and distribution overlays:\n\n    + The overlays in `/var/lib/warewulf/overlays` should not be changed by the user any more. \n      Site specific overlays are now sorted under `/etc/warewulf/overlays`.\n      On upgrade, changed overlays are stored with the `rpmsave` suffix and move to \n      `/etc/warewulf/overlays/$OVERLAYNAME`.\n \n- Other changes and bugs fixed:\n\n  * Fixed udev issue with assigning device names (bsc#1226654)\n  * Implemented new package `warewulf-reference-doc` with the reference documentation for Warewulf 4 as PDF\n  * The configuation files nodes.conf and warewulf.conf will be updated on upgrade and the unmodified configuration\n    files will be saved as nodes.conf.4.5.x and warewulf.conf.4.5.x\n\n- Summary of upstream changes:\n\n  * New configuration upgrade system\n  * Changes to the default profile\n  * Renamed containers to (node) images\n  * New kernel management system\n  * Parallel overlay builds\n  * Sprig functions in overlay templates\n  * Improved network overlays\n  * Nested profiles\n  * Arbitrary 'resources' data in nodes.conf\n  * NFS client configuration in nodes.conf\n  * Emphatically optional syncuser\n  * Improved network boot observability\n  * Particularly significant changes, especially those affecting the user interface, \n    are described in the release notes:\n\n    + https://warewulf.org/docs/v4.6.x/release/v4.6.0.html\n  \n","id":"SUSE-SU-2025:1094-1","modified":"2025-04-02T03:37:36Z","published":"2025-04-02T03:37:36Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-20251094-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1226654"},{"type":"REPORT","url":"https://bugzilla.suse.com/1238611"},{"type":"REPORT","url":"https://bugzilla.suse.com/1239322"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22869"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-22870"}],"related":["CVE-2025-22869","CVE-2025-22870"],"summary":"Security update for warewulf4","upstream":["CVE-2025-22869","CVE-2025-22870"]}