Security update for sysstat SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2020:0026-2 Final 1 1 2022-07-04T15:04:08Z current 2022-07-04T15:04:08Z 2022-07-04T15:04:08Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for sysstat This update for sysstat fixes the following issues: Security issue fixed: - CVE-2019-19725: Fixed double free in check_file_actlst in sa_common.c (bsc#1159104). Bug fixes: - Enable log information of starting/stoping services. (bsc#1144923, jsc#SLE-5958) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). HPE-Helion-OpenStack-8-2022-2261,Image SLES12-SP5-Azure-SAP-BYOS-2020-26,Image SLES12-SP5-Azure-SAP-On-Demand-2020-26,Image SLES12-SP5-EC2-SAP-BYOS-2020-26,Image SLES12-SP5-EC2-SAP-On-Demand-2020-26,Image SLES12-SP5-GCE-SAP-BYOS-2020-26,Image SLES12-SP5-GCE-SAP-On-Demand-2020-26,Image SLES12-SP5-OCI-BYOS-SAP-BYOS-2020-26,Image SLES12-SP5-SAP-Azure-LI-BYOS-Production-2020-26,Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production-2020-26,SUSE-2020-26,SUSE-OpenStack-Cloud-8-2022-2261,SUSE-OpenStack-Cloud-9-2022-2261,SUSE-OpenStack-Cloud-Crowbar-8-2022-2261,SUSE-OpenStack-Cloud-Crowbar-9-2022-2261,SUSE-SLE-SAP-12-SP3-2022-2261,SUSE-SLE-SAP-12-SP4-2022-2261,SUSE-SLE-SERVER-12-SP2-BCL-2022-2261,SUSE-SLE-SERVER-12-SP3-2022-2261,SUSE-SLE-SERVER-12-SP3-BCL-2022-2261 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2020/suse-su-20200026-2/ Link for SUSE-SU-2020:0026-2 https://lists.suse.com/pipermail/sle-security-updates/2022-July/011392.html E-Mail link for SUSE-SU-2020:0026-2 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1144923 SUSE Bug 1144923 https://bugzilla.suse.com/1159104 SUSE Bug 1159104 https://www.suse.com/security/cve/CVE-2019-19725/ SUSE CVE CVE-2019-19725 page HPE Helion OpenStack 8 Image SLES12-SP5-Azure-SAP-BYOS Image SLES12-SP5-Azure-SAP-On-Demand Image SLES12-SP5-EC2-SAP-BYOS Image SLES12-SP5-EC2-SAP-On-Demand Image SLES12-SP5-GCE-SAP-BYOS Image SLES12-SP5-GCE-SAP-On-Demand Image SLES12-SP5-OCI-BYOS-SAP-BYOS Image SLES12-SP5-SAP-Azure-LI-BYOS-Production Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud 9 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 sysstat-12.0.2-10.36.1 sysstat-isag-12.0.2-10.36.1 sysstat-12.0.2-10.36.1 as a component of HPE Helion OpenStack 8 sysstat-isag-12.0.2-10.36.1 as a component of HPE Helion OpenStack 8 sysstat-12.0.2-10.36.1 as a component of Image SLES12-SP5-Azure-SAP-BYOS sysstat-12.0.2-10.36.1 as a component of Image SLES12-SP5-Azure-SAP-On-Demand sysstat-12.0.2-10.36.1 as a component of Image SLES12-SP5-EC2-SAP-BYOS sysstat-12.0.2-10.36.1 as a component of Image SLES12-SP5-EC2-SAP-On-Demand sysstat-12.0.2-10.36.1 as a component of Image SLES12-SP5-GCE-SAP-BYOS sysstat-12.0.2-10.36.1 as a component of Image SLES12-SP5-GCE-SAP-On-Demand sysstat-12.0.2-10.36.1 as a component of Image SLES12-SP5-OCI-BYOS-SAP-BYOS sysstat-12.0.2-10.36.1 as a component of Image SLES12-SP5-SAP-Azure-LI-BYOS-Production sysstat-12.0.2-10.36.1 as a component of Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production sysstat-12.0.2-10.36.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL sysstat-isag-12.0.2-10.36.1 as a component of SUSE Linux Enterprise Server 12 SP2-BCL sysstat-12.0.2-10.36.1 as a component of SUSE Linux Enterprise Server 12 SP3-BCL sysstat-isag-12.0.2-10.36.1 as a component of SUSE Linux Enterprise Server 12 SP3-BCL sysstat-12.0.2-10.36.1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS sysstat-isag-12.0.2-10.36.1 as a component of SUSE Linux Enterprise Server 12 SP3-LTSS sysstat-12.0.2-10.36.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 sysstat-isag-12.0.2-10.36.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP3 sysstat-12.0.2-10.36.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 sysstat-isag-12.0.2-10.36.1 as a component of SUSE Linux Enterprise Server for SAP Applications 12 SP4 sysstat-12.0.2-10.36.1 as a component of SUSE OpenStack Cloud 8 sysstat-isag-12.0.2-10.36.1 as a component of SUSE OpenStack Cloud 8 sysstat-12.0.2-10.36.1 as a component of SUSE OpenStack Cloud 9 sysstat-isag-12.0.2-10.36.1 as a component of SUSE OpenStack Cloud 9 sysstat-12.0.2-10.36.1 as a component of SUSE OpenStack Cloud Crowbar 8 sysstat-isag-12.0.2-10.36.1 as a component of SUSE OpenStack Cloud Crowbar 8 sysstat-12.0.2-10.36.1 as a component of SUSE OpenStack Cloud Crowbar 9 sysstat-isag-12.0.2-10.36.1 as a component of SUSE OpenStack Cloud Crowbar 9 sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c. CVE-2019-19725 HPE Helion OpenStack 8:sysstat-12.0.2-10.36.1 HPE Helion OpenStack 8:sysstat-isag-12.0.2-10.36.1 Image SLES12-SP5-Azure-SAP-BYOS:sysstat-12.0.2-10.36.1 Image SLES12-SP5-Azure-SAP-On-Demand:sysstat-12.0.2-10.36.1 Image SLES12-SP5-EC2-SAP-BYOS:sysstat-12.0.2-10.36.1 Image SLES12-SP5-EC2-SAP-On-Demand:sysstat-12.0.2-10.36.1 Image SLES12-SP5-GCE-SAP-BYOS:sysstat-12.0.2-10.36.1 Image SLES12-SP5-GCE-SAP-On-Demand:sysstat-12.0.2-10.36.1 Image SLES12-SP5-OCI-BYOS-SAP-BYOS:sysstat-12.0.2-10.36.1 Image SLES12-SP5-SAP-Azure-LI-BYOS-Production:sysstat-12.0.2-10.36.1 Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production:sysstat-12.0.2-10.36.1 SUSE Linux Enterprise Server 12 SP2-BCL:sysstat-12.0.2-10.36.1 SUSE Linux Enterprise Server 12 SP2-BCL:sysstat-isag-12.0.2-10.36.1 SUSE Linux Enterprise Server 12 SP3-BCL:sysstat-12.0.2-10.36.1 SUSE Linux Enterprise Server 12 SP3-BCL:sysstat-isag-12.0.2-10.36.1 SUSE Linux Enterprise Server 12 SP3-LTSS:sysstat-12.0.2-10.36.1 SUSE Linux Enterprise Server 12 SP3-LTSS:sysstat-isag-12.0.2-10.36.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:sysstat-12.0.2-10.36.1 SUSE Linux Enterprise Server for SAP Applications 12 SP3:sysstat-isag-12.0.2-10.36.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:sysstat-12.0.2-10.36.1 SUSE Linux Enterprise Server for SAP Applications 12 SP4:sysstat-isag-12.0.2-10.36.1 SUSE OpenStack Cloud 8:sysstat-12.0.2-10.36.1 SUSE OpenStack Cloud 8:sysstat-isag-12.0.2-10.36.1 SUSE OpenStack Cloud 9:sysstat-12.0.2-10.36.1 SUSE OpenStack Cloud 9:sysstat-isag-12.0.2-10.36.1 SUSE OpenStack Cloud Crowbar 8:sysstat-12.0.2-10.36.1 SUSE OpenStack Cloud Crowbar 8:sysstat-isag-12.0.2-10.36.1 SUSE OpenStack Cloud Crowbar 9:sysstat-12.0.2-10.36.1 SUSE OpenStack Cloud Crowbar 9:sysstat-isag-12.0.2-10.36.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20200026-2/ https://www.suse.com/security/cve/CVE-2019-19725.html CVE-2019-19725 https://bugzilla.suse.com/1159104 SUSE Bug 1159104 https://bugzilla.suse.com/1201108 SUSE Bug 1201108