
Dear all,
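Following assessment by the community Release SIG, QA SIG and CICD SIG, the update versions of openEuler-20.03-LTS-SP1, openEuler-20.03-LTS-SP3, openEuler-22.03-LTS and openEuler-22.03-LTS-SP1 meet the release exit quality criteria and are hereby announced for release.
This announcement has six parts:
1. openEuler-20.03-LTS-SP1 Update 20230621 release status and defects pending fix
2. openEuler-20.03-LTS-SP3 Update 20230621 release status and defects pending fix
3. openEuler-22.03-LTS Update 20230621 release status and defects pending fix
4. openEuler-22.03-LTS-SP1 Update 20230621 release status and defects pending fix
5. openEuler list of CVEs pending fix in key components
6. openEuler community guidance documents and open platform links
After this update release, the next version milestone (expected 2023/07/01) will provide the update_20230628 version.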
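openEuler-20.03-LTS-SP1 Update 20230621
Thanks to contributions from the SIGs and community developers, this week openEuler-20.03-LTS-SP1 fixes 1 known issue and 4 known vulnerabilities. 21 defects currently remain to be fixed on the version branch. See the lists below for defect/vulnerability statistics, and each package's source repository for details of the defects/vulnerabilities.
openEuler-20.03-LTS-SP1 Update CVE fix and Bugfix list announcement link: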
https://gitee.com/openeuler/release-management/issues/I7EFEC?from=project-issue
CVE fixes:
CVE | Package | Priority
CVE-2023-3138 | libX11 | 5.5
CVE-2022-41946 | postgresql-jdbc | 5.5
CVE-2023-34969 | dbus | 4.7
CVE-2023-28370 | python-tornado | 6.1
Bugfix:
issue | Repository
#I7EEF3:【openEuler-1.0-LTS】 Adjust few parameters range for smart grid | kernel
openEuler-20.03-LTS-SP1 build information links:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol
openEuler-20.03-LTS-SP1 Update release repository links:
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/
openEuler CVE and security advisory links:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-20.03-LTS-SP1 Update list of issues pending fix (issues whose task ID is marked in red are high priority):
Milestone | Task ID | Task title | Priority | SIG | Associated repository
openEuler-20.03-LTS-SP1 | I3B5TJ | Signing reports an error when RPM package signing is configured in an obs server environment | No priority | sig/Infrastructure | infrastructure
openEuler 20.03LTS SP1 update2103 | I3E5C1 | 【20.03-SP1】【arm/x86】Service fails to start | Major | sig/bigdata | hadoop
openEuler-20.03-LTS-SP1 | I3QGU7 | System does not support GB18030 | No priority | sig/TC | community
openEuler 20.03LTS SP1 update210901 | I48GIM | 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service fails to start | Major | sig/oVirt | ovirt-cockpit-sso
openEuler 20.03LTS SP1 update210926 | I4CMSV | 【20.03-LTS-SP1】【arm/x86】Package etcd is missing when setting up a Kubernetes cluster | No priority | sig/TC | community
openEuler 20.03-LTS-SP1 | I4G4A5 | Undefine-shift in _bfd_safe_read_leb128 | No priority | sig/Base-service | binutils
openEuler 20.03-LTS-SP1 | I4G4B1 | Integer overflow in print_vms_time | No priority | sig/Base-service | binutils
openEuler 20.03-LTS-SP1 | I4G4VY | memleak in parse_gnu_debugaltlink | No priority | sig/Base-service | binutils
openEuler 20.03-LTS-SP1 | I4G4WF | Heap-buffer-overflow in slurp_hppa_unwind_table | No priority | sig/Base-service | binutils
openEuler 20.03-LTS-SP1 | I4G4WW | Use-after-free in make_qualified_name | No priority | sig/Base-service | binutils
openEuler 20.03-LTS-SP1 | I4G4X6 | memleak in byte_get_little_endian | No priority | sig/Base-service | binutils
openEuler 20.03-LTS-SP1 | I4G4XF | memleak in process_mips_specific | No priority | sig/Base-service | binutils
openEuler 20.03-LTS-SP1 | I4G4Y0 | out-of-memory in vms_lib_read_index | No priority | sig/Base-service | binutils
openEuler 20.03-LTS-SP1 | I4G4YJ | Heap-buffer-overflow in bfd_getl16 | No priority | sig/Base-service | binutils
openEuler 20.03-LTS-SP1 | I4G4YV | Floating point exception in _bfd_vms_slurp_etir | No priority | sig/Base-service | binutils
openEuler 20.03-LTS-SP1 | I4J0OY | 【20.03 SP1】【arm/x86】After libdap is installed, the -i and -k options of the getdap4 command behave abnormally | Major | sig/sig-recycle | libdap
openEuler 20.03-LTS-SP1 | I4JMG4 | 【20.03 SP1】【arm/x86】The three commands of the robotframework package (libdoc, rebot, robot) return 251 when run with --help/-h/-?/--version to show help and version information | Major | sig/sig-ROS | python-robotframework
openEuler 20.03LTS SP1 update220111 | I4QV6N | 【openEuler-20.03-LTS-SP1】flink command fails to execute | No priority | sig/bigdata | flink
openEuler 20.03-LTS-SP1 | I5DLX7 | [20.03 22.03] The mysql service setup instructions in the Administrator Guide are incorrect | Major | sig/doc | docs
openEuler-20.03-LTS-SP1-dailybuild | I5Y99T | mate-desktop install problem in openEuler:20:03:LTS:SP1 | No priority | sig/sig-mate-desktop | mate-desktop
openEuler 20.03-LTS-SP1 | I6VFAE | [20.03 SP1] [x86/arm] After mariadb grants privileges to a remote user, remote connection to the service fails | Minor | sig/DB | mariadb
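openEuler-20.03-LTS-SP3 Update 20230621
Thanks to contributions from the SIGs and community developers, this week openEuler-20.03-LTS-SP3 fixes 4 known issues and 6 known vulnerabilities. 9 defects currently remain to be fixed on the version branch. See the lists below for defect/vulnerability statistics, and each package's source repository for details of the defects/vulnerabilities.
openEuler-20.03-LTS-SP3 Update CVE fix and Bugfix list announcement link: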
https://gitee.com/openeuler/release-management/issues/I7EFEE?from=project-issue
CVE fixes:
CVE | Package | Priority
CVE-2022-41946 | postgresql-jdbc | 5.5
CVE-2023-28370 | python-tornado | 6.1
CVE-2023-3138 | libX11 | 5.5
CVE-2023-34969 | dbus | 4.7
CVE-2023-31084 | kernel | 5.5
CVE-2023-2985 | kernel | 5.5
Bugfix:
issue | Repository
grub2 |
shim |
#I7EEF3:【openEuler-1.0-LTS】 Adjust few parameters range for smart grid | kernel
dpdk
openEuler-20.03-LTS-SP3 build information links:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol
openEuler-20.03-LTS-SP3 Update release repository links:
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/
openEuler CVE and security advisory links:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-20.03-LTS-SP3 Update list of issues pending fix (issues whose task ID is marked in red are high priority):
Milestone | Task ID | Task title | Priority | SIG | Associated repository
openEuler 20.03LTS SP3 update220111 | I4QV7S | 【openEuler-20.03-LTS-SP3】flink run command fails to execute | No priority | sig/bigdata | flink
openEuler 20.03-LTS-SP3 | I5KXUY | 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service fails to start | Major | sig/oVirt | ovirt-cockpit-sso
openEuler-20.03-LTS-SP3 | I5KY4S | 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service fails to start, which prevents mom-vdsm.service from starting | Major | sig/oVirt | vdsm
openEuler 20.03 LTS SP3 update20220801 | I5LYJK | 【20.03-sp3_update20220801】【x86】After the kernel version is upgraded, TCP_option_address installs abnormally | Major | sig/Kernel | TCP_option_address
openEuler 20.03-LTS-SP3 | I613DI | 【20.03 SP3】When the current latest versions of the three packages kernel, oec-hardware and openEuler-release are installed together, the virtual machine fails to boot | Minor | sig/Base-service | openEuler-release
openEuler-20.03-LTS-SP3 | I6VFMI | [20.03 SP3] [x86/arm] After mariadb grants privileges to a remote user, remote connection to the service fails | Minor | sig/DB | mariadb
openEuler-20.03-LTS-SP3 | I72EAT | 【20.03 SP3】php-related packages fail to downgrade on 20.03 LTS SP3 | Major | sig/Base-service | php
openEuler-20.03-LTS-SP3 | I72HWV | 【20.03-lts-sp3】On x86, installing the php-fpm and php-opcache packages together causes php-fpm.service to fail to start | Minor | sig/Base-service | php
openEuler-20.03-LTS-SP3 | I73YJO | 20.03-LTS-SP3: the speed of a mellanox NIC cannot be configured with the ethtool tool | No priority | sig/Kernel | kernel
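openEuler-22.03-LTS Update 20230621
Thanks to contributions from the SIGs and community developers, this week openEuler-22.03-LTS fixes 1 known issue and 8 known vulnerabilities. 3 defects currently remain to be fixed on the version branch. See the lists below for defect/vulnerability statistics, and each package's source repository for details of the defects/vulnerabilities.
openEuler-22.03-LTS Update CVE fix and Bugfix list announcement link: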
https://gitee.com/openeuler/release-management/issues/I7EFEF?from=project-issue
CVE fixes:
CVE | Repository | score
CVE-2023-3138 | libX11 | 5.5
CVE-2022-41946 | postgresql-jdbc | 5.5
CVE-2023-28370 | python-tornado | 6.1
CVE-2023-2952 | wireshark | 6.5
CVE-2023-33288 | kernel | 4.7
CVE-2023-2985 | kernel | 5.5
CVE-2023-26130 | cpp-httplib | 8.8
CVE-2023-34969 | dbus | 4.7
Bugfix:
issue | Repository
kernel
openEuler-22.03-LTS build information links:
https://build.openeuler.org/project/show/openEuler:22.03:LTS
https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol
openEuler-22.03-LTS Update release repository links:
https://repo.openeuler.org/openEuler-22.03-LTS/update/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/OpenStack/Train/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/OpenStack/Wallaby/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/obs-server/2.10.11/
openEuler CVE and security advisory links:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS Update list of issues pending fix (issues whose task ID is marked in red are high priority):
Milestone | Task ID | Task title | Priority | sig | Associated repository
openEuler-22.03-LTS | I6VFRX | [22.03-LTS][x86/arm] After mariadb grants privileges to a remote user, remote connection to the service fails | Minor | sig/DB | mariadb
openEuler-22.03-LTS | I72N5G | 【22.03-lts】On x86, installing the php-fpm and php-opcache packages together causes php-fpm.service to fail to start | Minor | sig/Base-service | php
openEuler-22.03-LTS | I7CQNF | 【22.03-LTS】【arm/x86】Error when uninstalling cephadm: "userdel:cephadm 信件池 (/var/spool/mail/cephadm) 未找到" | Minor | sig/sig-SDS | ceph
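openEuler-22.03-LTS-SP1 Update 20230621
Thanks to contributions from the SIGs and community developers, this week openEuler-22.03-LTS-SP1 fixes 4 known issues and 9 known vulnerabilities. 4 defects currently remain to be fixed on the version branch. See the lists below for defect/vulnerability statistics, and each package's source repository for details of the defects/vulnerabilities.
openEuler-22.03-LTS SP1 Update CVE fix and Bugfix list announcement link: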
https://gitee.com/openeuler/release-management/issues/I7EFEA?from=project-issue
CVE fixes:
CVE | Package | Priority
CVE-2023-28370 | python-tornado | 6.1
CVE-2023-26130 | cpp-httplib | 8.8
CVE-2023-34969 | dbus | 4.7
CVE-2023-2952 | wireshark | 6.5
CVE-2023-2650 | openssl | 7.5
CVE-2023-33288 | kernel | 4.7
CVE-2023-3138 | libX11 | 5.5
CVE-2022-41946 | postgresql-jdbc | 5.5
CVE-2015-8863 | jq | 1
Bugfix:
issue | Repository
#I7C788: Cross-compilation fails with an error when using the toolchain in gcc_arm64le.tar.gz under gcc-cross-1.0-4.oe2203sp1.x86_64rpm | gcc-cross
openjfx8 |
openjdk-17 |
kernel
openEuler-22.03-LTS SP1 build information links:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1:Epol
openEuler-22.03-LTS SP1 Update release repository links:
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_version/OpenStack/Train/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_version/OpenStack/Wallaby/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_version/obs-server/2.10.11/
openEuler CVE and security advisory links:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS SP1 Update list of issues pending fix (issues whose task ID is marked in red are high priority):
Milestone | Task ID | Task title | Priority | SIG | Associated repository
openEuler 22.03-SP1 | I6B4V1 | 【22.03 SP1 update 20230118】【arm】libhdfs fails to downgrade on the arm architecture; x86 is normal | Major | sig/bigdata | hadoop
openEuler-22.03-LTS-SP1 | I6VFV6 | [22.03 SP1] [x86/arm] After mariadb grants privileges to a remote user, remote connection to the service fails | Minor | sig/DB | mariadb
openEuler-22.03-LTS-SP1 | I73CKF | 【22.03-lts-sp1】On x86, installing the php-fpm and php-opcache packages together causes php-fpm.service to fail to start | Minor | sig/Base-service | php
openEuler-22.03-LTS-SP1 | I7CGIU | 【22.03-LTS-SP1】【arm/x86】opengauss and libcgroup have an installation conflict | Major | sig/DB | opengauss-server
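Community vulnerabilities pending fix:
The openEuler community applies a differentiated fix policy according to vulnerability severity. All SIGs are asked to follow the fix status of the components affected by CVEs.
Severity Rating | Time to fix
Critical | 7 days
High | 14 days
Medium | 30 days
Low | 30 days
For reference, see the community Security Committee on vulnerabilities: https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE%E5%8C%BA%E6%BC%8F%E6%B4%9E%E7%AE%A1%E7%90%86
CVEs that will become overdue within the next 14 days (data as of June 27):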
CVE ID | Issue ID | Days remaining | CVSS score | Package | Responsible SIG
CVE-2023-27530 | I7D51N | 0.71 | 7.5 | rubygem-rack | sig-ruby
CVE-2023-27530 | I7D2G8 | 0.71 | 7.5 | pcs | sig-Ha
CVE-2023-29405 | I7F7JG | 1.63 | 9.8 | golang | sig-golang
CVE-2023-29404 | I7F7HH | 1.63 | 9.8 | golang | sig-golang
CVE-2023-33533 | I7BG5B | 2.13 | 8.8 | raspberrypi-firmware | sig-RaspberryPi
CVE-2023-32697 | I7DOYI | 2.71 | 8.8 | sqlite | DB
CVE-2022-25834 | I7BIEM | 3.13 | 7.8 | percona-xtrabackup | DB
CVE-2023-3022 | I79X7Y | 3.67 | 0.0 | risc-v-kernel | sig-RISC-V
CVE-2023-34255 | I79X89 | 3.71 | 0.0 | risc-v-kernel | sig-RISC-V
CVE-2023-3141 | I7BRI9 | 3.96 | 7.1 | risc-v-kernel | sig-RISC-V
CVE-2023-3141 | I7BRI7 | 4.13 | 7.1 | kernel | Kernel
CVE-2023-2454 | I72FSJ | 4.13 | 7.2 | libpq | DB
CVE-2023-2454 | I72FSE | 4.13 | 7.2 | postgresql | DB
CVE-2023-2898 | I78FS2 | 5.13 | 4.7 | risc-v-kernel | sig-RISC-V
CVE-2023-29499 | I7AI3W | 5.29 | 0.0 | perl-Glib | sig-mate-desktop
CVE-2023-32611 | I7AI3T | 5.29 | 0.0 | perl-Glib | sig-mate-desktop
CVE-2023-32643 | I7AI3Q | 5.29 | 0.0 | perl-Glib | sig-mate-desktop
CVE-2023-32636 | I7AI3N | 5.29 | 0.0 | perl-Glib | sig-mate-desktop
CVE-2023-32665 | I7AJ2H | 5.42 | 0.0 | perl-Glib | sig-mate-desktop
CVE-2023-32762 | I76JBM | 6.63 | 5.3 | qt5-qtbase | Programming-language
CVE-2023-29403 | I7F7GM | 8.63 | 7.8 | golang | sig-golang
CVE-2023-33187 | I78R5I | 8.63 | 6.5 | highlight | oVirt
CVE-2023-31486 | I7FDBC | 9.63 | 8.1 | perl | Base-service
CVE-2023-34256 | I79X8A | 10.63 | 5.5 | risc-v-kernel | sig-RISC-V
CVE-2023-34256 | I79X88 | 10.63 | 5.5 | kernel | Kernel
CVE-2023-0568 | I6FMFH | 10.71 | 8.1 | php | Base-service
CVE-2023-35788 | I7E6MM | 11.13 | 7.8 | risc-v-kernel | sig-RISC-V
CVE-2023-35788 | I7E6ML | 11.13 | 7.8 | kernel | Kernel
CVE-2023-3006 | I79V94 | 11.13 | 5.5 | risc-v-kernel | sig-RISC-V
CVE-2023-3006 | I79V8S | 11.13 | 5.5 | kernel | Kernel
CVE-2023-2985 | I79LIR | 11.13 | 5.5 | risc-v-kernel | sig-RISC-V
CVE-2023-2002 | I6WHKR | 11.63 | 6.8 | risc-v-kernel | sig-RISC-V
CVE-2023-33546 | I7A80T | 12.13 | 5.5 | janino | sig-Java
CVE-2023-0662 | I6FWA8 | 12.13 | 7.5 | php | Base-service
CVE-2023-0616 | I6FOOO | 12.13 | 6.5 | thunderbird | sig-desktop-apps
CVE-2023-0430 | I6C6UA | 12.63 | 6.5 | thunderbird | sig-desktop-apps
CVE-2023-32700 | I7FY1O | 12.95 | 7.4 | texlive | Application
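openEuler community guidance documents and open platform links:
openEuler version branch maintenance guidelines:
openEuler release-management version branch PR guide:
Community QA version test issue-filing guidelines
Community QA test platform radiatest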
https://radiatest.openeuler.org
车明道(openEuler Release SIG)
Mobile: +86 15345431107
China - Hangzhou - Huawei Hangzhou R&D Center, No. 360 Jiangshu Road, Binjiang District
HUAWEI, Jiangshu Road, Binjiang District, Hangzhou, P.R.China
E-mail: chemingdao@huawei.com
Open Source OS for Digital Infrastructure