Security update for patch SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2022:1925-1 Final 1 1 2022-06-02T12:35:31Z current 2022-06-02T12:35:31Z 2022-06-02T12:35:31Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for patch This update for patch fixes the following issues: Security issues fixed: - CVE-2019-13636: Fixed follow symlinks unless --follow-symlinks is given. This increases the security against malicious patches (bsc#1142041). - CVE-2018-6952: Fixed swapping fakelines in pch_swap. This bug was causing a double free leading to a crash (bsc#1080985). Bugfixes: - Abort when cleaning up fails. This bug could cause an infinite loop when a patch wouldn't apply, leading to a segmentation fault (bsc#1111572). - Pass the correct stat to backup files. This bug would occasionally cause backup files to be missing when all hunks failed to apply (bsc#1198106). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container bci/bci-sle15-kernel-module-devel:15.5-2022-1925,Container bci/spack:0.23-2022-1925,Container suse/manager/5.0/x86_64/server:latest-2022-1925,Container suse/multi-linux-manager/5.1/x86_64/server:latest-2022-1925,Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure-2022-1925,Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM-2022-1925,Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE-2022-1925,Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure-2022-1925,Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM-2022-1925,Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE-2022-1925,Image SLES15-SP3-SAPCAL-Azure-2022-1925,Image SLES15-SP3-SAPCAL-EC2-HVM-2022-1925,Image SLES15-SP3-SAPCAL-GCE-2022-1925,Image SLES15-SP4-Manager-Proxy-4-3-BYOS-2022-1925,Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure-2022-1925,Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2-2022-1925,Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE-2022-1925,Image SLES15-SP4-Manager-Server-4-3-2022-1925,Image SLES15-SP4-Manager-Server-4-3-Azure-llc-2022-1925,Image SLES15-SP4-Manager-Server-4-3-Azure-ltd-2022-1925,Image SLES15-SP4-Manager-Server-4-3-BYOS-2022-1925,Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure-2022-1925,Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2-2022-1925,Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE-2022-1925,Image SLES15-SP4-Manager-Server-4-3-EC2-llc-2022-1925,Image SLES15-SP4-Manager-Server-4-3-EC2-ltd-2022-1925,Image SLES15-SP4-SAP-2022-1925,Image SLES15-SP4-SAP-Azure-2022-1925,Image SLES15-SP4-SAP-EC2-2022-1925,Image SLES15-SP4-SAP-GCE-2022-1925,Image SLES15-SP4-SAPCAL-2022-1925,Image SLES15-SP4-SAPCAL-Azure-2022-1925,Image SLES15-SP4-SAPCAL-EC2-2022-1925,Image SLES15-SP4-SAPCAL-GCE-2022-1925,Image SLES15-SP5-SAP-Azure-2022-1925,Image SLES15-SP5-SAP-EC2-2022-1925,Image SLES15-SP5-SAP-GCE-2022-1925,Image SLES15-SP5-SAPCAL-Azure-2022-1925,Image SLES15-SP5-SAPCAL-EC2-2022-1925,Image SLES15-SP5-SAPCAL-GCE-2022-1925,Image SLES15-SP6-SAP-2022-1925,Image SLES15-SP6-SAP-Azure-2022-1925,Image SLES15-SP6-SAP-EC2-2022-1925,Image SLES15-SP6-SAP-GCE-2022-1925,Image SLES15-SP6-SAPCAL-2022-1925,Image SLES15-SP6-SAPCAL-Azure-2022-1925,Image SLES15-SP6-SAPCAL-EC2-2022-1925,Image SLES15-SP6-SAPCAL-GCE-2022-1925,Image SLES15-SP7-SAPCAL-Azure-2022-1925,Image SLES15-SP7-SAPCAL-EC2-2022-1925,Image SLES15-SP7-SAPCAL-GCE-2022-1925,Image server-image-2022-1925,SUSE-2022-1925,SUSE-SLE-Module-Basesystem-15-SP3-2022-1925,SUSE-SLE-Module-Basesystem-15-SP4-2022-1925,openSUSE-SLE-15.3-2022-1925,openSUSE-SLE-15.4-2022-1925 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2022/suse-su-20221925-1/ Link for SUSE-SU-2022:1925-1 https://lists.suse.com/pipermail/sle-security-updates/2022-June/011225.html E-Mail link for SUSE-SU-2022:1925-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1080985 SUSE Bug 1080985 https://bugzilla.suse.com/1111572 SUSE Bug 1111572 https://bugzilla.suse.com/1142041 SUSE Bug 1142041 https://bugzilla.suse.com/1198106 SUSE Bug 1198106 https://www.suse.com/security/cve/CVE-2018-6952/ SUSE CVE CVE-2018-6952 page https://www.suse.com/security/cve/CVE-2019-13636/ SUSE CVE CVE-2019-13636 page Container bci/bci-sle15-kernel-module-devel:15.5 Container bci/spack:0.23 Container suse/manager/5.0/x86_64/server:latest Container suse/multi-linux-manager/5.1/x86_64/server:latest Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE Image SLES15-SP3-SAPCAL-Azure Image SLES15-SP3-SAPCAL-EC2-HVM Image SLES15-SP3-SAPCAL-GCE Image SLES15-SP4-Manager-Proxy-4-3-BYOS Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2 Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE Image SLES15-SP4-Manager-Server-4-3 Image SLES15-SP4-Manager-Server-4-3-Azure-llc Image SLES15-SP4-Manager-Server-4-3-Azure-ltd Image SLES15-SP4-Manager-Server-4-3-BYOS Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE Image SLES15-SP4-Manager-Server-4-3-EC2-llc Image SLES15-SP4-Manager-Server-4-3-EC2-ltd Image SLES15-SP4-SAP Image SLES15-SP4-SAP-Azure Image SLES15-SP4-SAP-EC2 Image SLES15-SP4-SAP-GCE Image SLES15-SP4-SAPCAL Image SLES15-SP4-SAPCAL-Azure Image SLES15-SP4-SAPCAL-EC2 Image SLES15-SP4-SAPCAL-GCE Image SLES15-SP5-SAP-Azure Image SLES15-SP5-SAP-EC2 Image SLES15-SP5-SAP-GCE Image SLES15-SP5-SAPCAL-Azure Image SLES15-SP5-SAPCAL-EC2 Image SLES15-SP5-SAPCAL-GCE Image SLES15-SP6-SAP Image SLES15-SP6-SAP-Azure Image SLES15-SP6-SAP-EC2 Image SLES15-SP6-SAP-GCE Image SLES15-SP6-SAPCAL Image SLES15-SP6-SAPCAL-Azure Image SLES15-SP6-SAPCAL-EC2 Image SLES15-SP6-SAPCAL-GCE Image SLES15-SP7-SAPCAL-Azure Image SLES15-SP7-SAPCAL-EC2 Image SLES15-SP7-SAPCAL-GCE Image server-image SUSE Linux Enterprise Module for Basesystem 15 SP3 SUSE Linux Enterprise Module for Basesystem 15 SP4 openSUSE Leap 15.3 openSUSE Leap 15.4 patch-2.7.6-150000.5.3.1 patch-2.7.6-150000.5.3.1 as a component of Container bci/bci-sle15-kernel-module-devel:15.5 patch-2.7.6-150000.5.3.1 as a component of Container bci/spack:0.23 patch-2.7.6-150000.5.3.1 as a component of Container suse/manager/5.0/x86_64/server:latest patch-2.7.6-150000.5.3.1 as a component of Container suse/multi-linux-manager/5.1/x86_64/server:latest patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP3-SAPCAL-Azure patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP3-SAPCAL-EC2-HVM patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP3-SAPCAL-GCE patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-Manager-Proxy-4-3-BYOS patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2 patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-Manager-Server-4-3 patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-Manager-Server-4-3-Azure-llc patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-Manager-Server-4-3-Azure-ltd patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-Manager-Server-4-3-BYOS patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2 patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-Manager-Server-4-3-EC2-llc patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-Manager-Server-4-3-EC2-ltd patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-SAP patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-SAP-Azure patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-SAP-EC2 patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-SAP-GCE patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-SAPCAL patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-SAPCAL-Azure patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-SAPCAL-EC2 patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP4-SAPCAL-GCE patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP5-SAP-Azure patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP5-SAP-EC2 patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP5-SAP-GCE patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP5-SAPCAL-Azure patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP5-SAPCAL-EC2 patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP5-SAPCAL-GCE patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP6-SAP patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP6-SAP-Azure patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP6-SAP-EC2 patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP6-SAP-GCE patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP6-SAPCAL patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP6-SAPCAL-Azure patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP6-SAPCAL-EC2 patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP6-SAPCAL-GCE patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP7-SAPCAL-Azure patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP7-SAPCAL-EC2 patch-2.7.6-150000.5.3.1 as a component of Image SLES15-SP7-SAPCAL-GCE patch-2.7.6-150000.5.3.1 as a component of Image server-image patch-2.7.6-150000.5.3.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP3 patch-2.7.6-150000.5.3.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP4 patch-2.7.6-150000.5.3.1 as a component of openSUSE Leap 15.3 patch-2.7.6-150000.5.3.1 as a component of openSUSE Leap 15.4 A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. CVE-2018-6952 Container bci/bci-sle15-kernel-module-devel:15.5:patch-2.7.6-150000.5.3.1 Container bci/spack:0.23:patch-2.7.6-150000.5.3.1 Container suse/manager/5.0/x86_64/server:latest:patch-2.7.6-150000.5.3.1 Container suse/multi-linux-manager/5.1/x86_64/server:latest:patch-2.7.6-150000.5.3.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:patch-2.7.6-150000.5.3.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:patch-2.7.6-150000.5.3.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP3-SAPCAL-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP3-SAPCAL-EC2-HVM:patch-2.7.6-150000.5.3.1 Image SLES15-SP3-SAPCAL-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Proxy-4-3-BYOS:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Server-4-3-Azure-llc:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Server-4-3-Azure-ltd:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Server-4-3-EC2-llc:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Server-4-3-EC2-ltd:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Server-4-3:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-SAP-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-SAP-EC2:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-SAP-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-SAP:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-SAPCAL-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-SAPCAL-EC2:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-SAPCAL-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-SAPCAL:patch-2.7.6-150000.5.3.1 Image SLES15-SP5-SAP-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP5-SAP-EC2:patch-2.7.6-150000.5.3.1 Image SLES15-SP5-SAP-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP5-SAPCAL-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP5-SAPCAL-EC2:patch-2.7.6-150000.5.3.1 Image SLES15-SP5-SAPCAL-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP6-SAP-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP6-SAP-EC2:patch-2.7.6-150000.5.3.1 Image SLES15-SP6-SAP-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP6-SAP:patch-2.7.6-150000.5.3.1 Image SLES15-SP6-SAPCAL-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP6-SAPCAL-EC2:patch-2.7.6-150000.5.3.1 Image SLES15-SP6-SAPCAL-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP6-SAPCAL:patch-2.7.6-150000.5.3.1 Image SLES15-SP7-SAPCAL-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP7-SAPCAL-EC2:patch-2.7.6-150000.5.3.1 Image SLES15-SP7-SAPCAL-GCE:patch-2.7.6-150000.5.3.1 Image server-image:patch-2.7.6-150000.5.3.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1 SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1 openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1 openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20221925-1/ https://www.suse.com/security/cve/CVE-2018-6952.html CVE-2018-6952 https://bugzilla.suse.com/1080985 SUSE Bug 1080985 https://bugzilla.suse.com/1167721 SUSE Bug 1167721 In GNU patch through 2.7.6, the following of symlinks is mishandled in certain cases other than input files. This affects inp.c and util.c. CVE-2019-13636 Container bci/bci-sle15-kernel-module-devel:15.5:patch-2.7.6-150000.5.3.1 Container bci/spack:0.23:patch-2.7.6-150000.5.3.1 Container suse/manager/5.0/x86_64/server:latest:patch-2.7.6-150000.5.3.1 Container suse/multi-linux-manager/5.1/x86_64/server:latest:patch-2.7.6-150000.5.3.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM:patch-2.7.6-150000.5.3.1 Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM:patch-2.7.6-150000.5.3.1 Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP3-SAPCAL-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP3-SAPCAL-EC2-HVM:patch-2.7.6-150000.5.3.1 Image SLES15-SP3-SAPCAL-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Proxy-4-3-BYOS:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Server-4-3-Azure-llc:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Server-4-3-Azure-ltd:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Server-4-3-BYOS:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Server-4-3-EC2-llc:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Server-4-3-EC2-ltd:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-Manager-Server-4-3:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-SAP-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-SAP-EC2:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-SAP-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-SAP:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-SAPCAL-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-SAPCAL-EC2:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-SAPCAL-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP4-SAPCAL:patch-2.7.6-150000.5.3.1 Image SLES15-SP5-SAP-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP5-SAP-EC2:patch-2.7.6-150000.5.3.1 Image SLES15-SP5-SAP-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP5-SAPCAL-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP5-SAPCAL-EC2:patch-2.7.6-150000.5.3.1 Image SLES15-SP5-SAPCAL-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP6-SAP-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP6-SAP-EC2:patch-2.7.6-150000.5.3.1 Image SLES15-SP6-SAP-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP6-SAP:patch-2.7.6-150000.5.3.1 Image SLES15-SP6-SAPCAL-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP6-SAPCAL-EC2:patch-2.7.6-150000.5.3.1 Image SLES15-SP6-SAPCAL-GCE:patch-2.7.6-150000.5.3.1 Image SLES15-SP6-SAPCAL:patch-2.7.6-150000.5.3.1 Image SLES15-SP7-SAPCAL-Azure:patch-2.7.6-150000.5.3.1 Image SLES15-SP7-SAPCAL-EC2:patch-2.7.6-150000.5.3.1 Image SLES15-SP7-SAPCAL-GCE:patch-2.7.6-150000.5.3.1 Image server-image:patch-2.7.6-150000.5.3.1 SUSE Linux Enterprise Module for Basesystem 15 SP3:patch-2.7.6-150000.5.3.1 SUSE Linux Enterprise Module for Basesystem 15 SP4:patch-2.7.6-150000.5.3.1 openSUSE Leap 15.3:patch-2.7.6-150000.5.3.1 openSUSE Leap 15.4:patch-2.7.6-150000.5.3.1 moderate 5.8 AV:N/AC:M/Au:N/C:N/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2022/suse-su-20221925-1/ https://www.suse.com/security/cve/CVE-2019-13636.html CVE-2019-13636 https://bugzilla.suse.com/1142041 SUSE Bug 1142041