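Subject: openEuler update_20230920 release announcement

Dear all,

Following evaluation by the community Release SIG, QA SIG and CICD SIG, the openEuler-20.03-LTS-SP1, openEuler-20.03-LTS-SP3, openEuler-22.03-LTS, openEuler-22.03-LTS-SP1 and openEuler-22.03-LTS-SP2 update versions meet the release exit quality criteria and are hereby announced for release.

This announcement has seven parts:
1. openEuler-20.03-LTS-SP1 Update 20230920 release status and defects pending fix
2. openEuler-20.03-LTS-SP3 Update 20230920 release status and defects pending fix
3. openEuler-22.03-LTS Update 20230920 release status and defects pending fix
4. openEuler-22.03-LTS-SP1 Update 20230920 release status and defects pending fix
5. openEuler-22.03-LTS-SP2 Update 20230920 release status and defects pending fix
6. openEuler key components: list of CVEs pending fix
7. openEuler community guidance documents and open platform links

After this update release, the next version milestone (expected 2023/09/28) will provide the update_20230926 version.

openEuler-20.03-LTS-SP1 Update 20230920

With contributions from the SIGs and community developers, this week openEuler-20.03-LTS-SP1 fixed 3 known issues and 13 known vulnerabilities. 21 defects currently remain to be fixed on the version branch. See the lists below for defect/vulnerability statistics, and each package's source repository for the defect/vulnerability details.

openEuler-20.03-LTS-SP1 Update CVE fix and bugfix list link:
https://gitee.com/openeuler/release-management/issues/I8234T?from=project-is...

CVE fixes:

| CVE | Repository | Score |
|---|---|---|
| CVE-2023-4863 | libwebp | 9.6 |
| CVE-2023-41915 | pmix | 8.1 |
| CVE-2023-4921 | kernel | 7.8 |
| CVE-2023-24537 | skopeo | 7.5 |
| CVE-2023-4881 | kernel | 7.1 |
| CVE-2023-21400 | kernel | 6.7 |
| CVE-2023-4874 | mutt | 6.5 |
| CVE-2023-41164 | python-django | 6.5 |
| CVE-2023-4875 | mutt | 5.7 |
| CVE-2023-20588 | kernel | 5.5 |
| CVE-2023-39742 | giflib | 5.5 |
| CVE-2023-40217 | python3 | 5.3 |
| CVE-2022-45887 | kernel | 4.7 |

Bugfix:

| Issue | Repository |
|---|---|
| #I82QEQ: In the scenario of linking against glibc, code injection may occur when the nsswitch tool dynamically loads a chroot library that contains container content. | iSulad |
| #I7XIHZ: After installing libvirt*, ping reports "sendmsg: Operation not permitted" | ebtables |
| #I4YKIJ: [openEuler-1.0-LTS] Performing FLR on the PF after an accelerator VF has run workloads, or while it is running them, may trigger a QM bus exception; the driver needs to stop the flow and evict the cache before the reset | kernel |

openEuler-20.03-LTS-SP1 build information links:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol

openEuler-20.03-LTS-SP1 Update release repository links:
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/docker_img/update/

openEuler CVE and security advisory links: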
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/

openEuler-20.03-LTS-SP1 Update issues pending fix (issues whose task ID is marked in red have high priority):

| Milestone | Task ID | Task title | Priority | SIG | Repository | Task link |
|---|---|---|---|---|---|---|
| openEuler 20.03LTS SP1 update2103 | I3E5C1 | [20.03-SP1][arm/x86] Service fails to start | Major | regression-failed | src-openEuler/hadoop | https://gitee.com/open_euler/dashboard?issue_id=I3E5C1 |
| openEuler 20.03LTS SP1 update210901 | I48GIM | [20.03LTS SP1 update 210901] ovirt-cockpit-sso.service fails to start | Major | sig-oVirt | src-openEuler/ovirt-cockpit-sso | https://gitee.com/open_euler/dashboard?issue_id=I48GIM |
| openEuler 20.03-LTS-SP1 | I4J0OY | [20.03 SP1][arm/x86] After libdap is installed, the -i and -k options of the getdap4 command behave abnormally | Major | sig/sig-recycle | src-openEuler/libdap | https://gitee.com/open_euler/dashboard?issue_id=I4J0OY |
| openEuler 20.03-LTS-SP1 | I4JMG4 | [20.03 SP1][arm/x86] The three commands of the robotframework package (libdoc, rebot, robot) return 251 when run with --help/-h/-?/--version to view help and version information | Major | sig/sig-ROS | src-openEuler/python-robotframework | https://gitee.com/open_euler/dashboard?issue_id=I4JMG4 |
| openEuler 20.03-LTS-SP1 | I5DLX7 | [20.03 22.03] The MySQL service setup guide in the Administrator Guide documentation is incorrect | Major | sig/doc | openEuler/docs | https://gitee.com/open_euler/dashboard?issue_id=I5DLX7 |
| openEuler 20.03-LTS-SP1 | I6VFAE | [20.03 SP1] [x86/arm] After mariadb grants privileges to a remote user, remote connection to the service fails | Minor | sig/DB | src-openEuler/mariadb | https://gitee.com/open_euler/dashboard?issue_id=I6VFAE |
| openEuler 20.03-LTS-SP1 | I7ZOX9 | [20.03 LTS SP1][arm/x86] The name in the qdbuscpp2xml-qt5 help output is inconsistent | Minor | sig/Programming-lang | src-openEuler/qt5-qtbase | https://gitee.com/open_euler/dashboard?issue_id=I7ZOX9 |
| openEuler-20.03-LTS-SP1 | I3QGU7 | System does not support GB18030 | No priority | sig/TC | openEuler/community | https://gitee.com/open_euler/dashboard?issue_id=I3QGU7 |
| openEuler 20.03LTS SP1 update210926 | I4CMSV | [20.03-LTS-SP1][arm/x86] Package etcd is missing when setting up a Kubernetes cluster | No priority | sig/TC | openEuler/community | https://gitee.com/open_euler/dashboard?issue_id=I4CMSV |
| openEuler 20.03-LTS-SP1 | I4G4A5 | Undefine-shift in _bfd_safe_read_leb128 | No priority | sig/Base-service | src-openEuler/binutils | https://gitee.com/open_euler/dashboard?issue_id=I4G4A5 |
| openEuler 20.03-LTS-SP1 | I4G4B1 | Integer overflow in print_vms_time | No priority | sig/Base-service | src-openEuler/binutils | https://gitee.com/open_euler/dashboard?issue_id=I4G4B1 |
| openEuler 20.03-LTS-SP1 | I4G4VY | memleak in parse_gnu_debugaltlink | No priority | sig/Base-service | src-openEuler/binutils | https://gitee.com/open_euler/dashboard?issue_id=I4G4VY |
| openEuler 20.03-LTS-SP1 | I4G4WF | Heap-buffer-overflow in slurp_hppa_unwind_table | No priority | sig/Base-service | src-openEuler/binutils | https://gitee.com/open_euler/dashboard?issue_id=I4G4WF |
| openEuler 20.03-LTS-SP1 | I4G4WW | Use-after-free in make_qualified_name | No priority | sig/Base-service | src-openEuler/binutils | https://gitee.com/open_euler/dashboard?issue_id=I4G4WW |
| openEuler 20.03-LTS-SP1 | I4G4X6 | memleak in byte_get_little_endian | No priority | sig/Base-service | src-openEuler/binutils | https://gitee.com/open_euler/dashboard?issue_id=I4G4X6 |
| openEuler 20.03-LTS-SP1 | I4G4XF | memleak in process_mips_specific | No priority | sig/Base-service | src-openEuler/binutils | https://gitee.com/open_euler/dashboard?issue_id=I4G4XF |
| openEuler 20.03-LTS-SP1 | I4G4Y0 | out-of-memory in vms_lib_read_index | No priority | sig/Base-service | src-openEuler/binutils | https://gitee.com/open_euler/dashboard?issue_id=I4G4Y0 |
| openEuler 20.03-LTS-SP1 | I4G4YJ | Heap-buffer-overflow in bfd_getl16 | No priority | sig/Base-service | src-openEuler/binutils | https://gitee.com/open_euler/dashboard?issue_id=I4G4YJ |
| openEuler 20.03-LTS-SP1 | I4G4YV | Floating point exception in _bfd_vms_slurp_etir | No priority | sig/Base-service | src-openEuler/binutils | https://gitee.com/open_euler/dashboard?issue_id=I4G4YV |
| openEuler 20.03LTS SP1 update220111 | I4QV6N | [openEuler-20.03-LTS-SP1] flink command fails to execute | No priority | sig/sig-ai-bigdata | src-openEuler/flink | https://gitee.com/open_euler/dashboard?issue_id=I4QV6N |
| openEuler-20.03-LTS-SP1-dailybuild | I5Y99T | mate-desktop install problem in openEuler:20:03:LTS:SP1 | No priority | sig/sig-mate-desktop | src-openEuler/mate-desktop | https://gitee.com/open_euler/dashboard?issue_id=I5Y99T |

openEuler-20.03-LTS-SP3 Update 20230920

With contributions from the SIGs and community developers, this week openEuler-20.03-LTS-SP3 fixed 7 known issues and 15 known vulnerabilities. 7 defects currently remain to be fixed on the version branch. See the lists below for defect/vulnerability statistics, and each package's source repository for the defect/vulnerability details.

openEuler-20.03-LTS-SP3 Update CVE fix and bugfix list link:
https://gitee.com/openeuler/release-management/issues/I8234X?from=project-is...

CVE fixes:

| CVE | Repository | Score |
|---|---|---|
| CVE-2023-4863 | libwebp | 9.6 |
| CVE-2023-41915 | pmix | 8.1 |
| CVE-2023-4921 | kernel | 7.8 |
| CVE-2023-24537 | skopeo | 7.5 |
| CVE-2023-4785 | grpc | 7.5 |
| CVE-2023-2977 | opensc | 7.1 |
| CVE-2023-4881 | kernel | 7.1 |
| CVE-2023-21400 | kernel | 6.7 |
| CVE-2023-41164 | python-django | 6.5 |
| CVE-2023-4874 | mutt | 6.5 |
| CVE-2023-4875 | mutt | 5.7 |
| CVE-2023-39742 | giflib | 5.5 |
| CVE-2023-20588 | kernel | 5.5 |
| CVE-2023-40217 | python3 | 5.3 |
| CVE-2022-45887 | kernel | 4.7 |

Bugfix:

| Issue | Repository |
|---|---|
| #I828IW: [openEuler-20.03-LTS-SP3][arm/x86] Some units_cur parameters fail with errors when executed | units |
| #I82QJV: [20.03-lts-sp3_update 2023/09/19 release] update version to 2.0.18-13 | iSulad |
| #I82AZ2: The LXC_MEMFD_REXEC attribute is not enabled before the lxc binary is invoked, which poses a security risk | lcr |
| #I82QG4: clibcni contains strerror function calls, so log output may be at risk of being incorrect | clibcni |
| #I82QT2: Incorrect device mount address | lxc |
| #I7XIHZ: After installing libvirt*, ping reports "sendmsg: Operation not permitted" | ebtables |
| #I82LC6: [openEuler-1.0-LTS] With kernel preemption disabled, QM packet reception may have problems | kernel |

openEuler-20.03-LTS-SP3 build information links:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol

openEuler-20.03-LTS-SP3 Update release repository links:
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/docker_img/update/

openEuler CVE and security advisory links:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/

openEuler-20.03-LTS-SP3 Update issues pending fix (issues whose task ID is marked in red have high priority):

| Milestone | Task ID | Task title | Priority | SIG | Repository | Task link |
|---|---|---|---|---|---|---|
| openEuler 20.03-LTS-SP3 | I5KXUY | [20.03 LTS SP3 update 20220803][arm/x86] ovirt-cockpit-sso.service fails to start | Major | sig/oVirt | src-openEuler/ovirt-cockpit-sso | https://gitee.com/open_euler/dashboard?issue_id=I5KXUY |
| openEuler-20.03-LTS-SP3 | I5KY4S | [20.03 LTS SP3 update 20220803][arm/x86] vdsmd.service fails to start, so mom-vdsm.service cannot start | Major | sig/oVirt | src-openEuler/vdsm | https://gitee.com/open_euler/dashboard?issue_id=I5KY4S |
| openEuler-20.03-LTS-SP3 | I6VFMI | [20.03 SP3] [x86/arm] After mariadb grants privileges to a remote user, remote connection to the service fails | Minor | sig/DB | src-openEuler/mariadb | https://gitee.com/open_euler/dashboard?issue_id=I6VFMI |
| openEuler-20.03-LTS-SP3 | I72HWV | [20.03-lts-sp3] On x86, installing both the php-fpm and php-opcache packages causes php-fpm.service to fail to start | Minor | sig/Base-service | src-openEuler/php | https://gitee.com/open_euler/dashboard?issue_id=I72HWV |
| openEuler-20.03-LTS-SP3 | I7QP67 | [20.03-LTS-SP3] openssh self-build fails, reporting that the bc command is missing | Minor | sig/Base-service | src-openEuler/openEuler-release | https://gitee.com/open_euler/dashboard?issue_id=I7QP67 |
| openEuler-20.03-LTS-SP3 | I7ZOZZ | [20.03 LTS SP3][arm/x86] The name in the qdbuscpp2xml-qt5 help output is inconsistent | Minor | sig/Programming-lang | src-openEuler/qt5-qtbase | https://gitee.com/open_euler/dashboard?issue_id=I7ZOZZ |
| openEuler 20.03LTS SP3 update220111 | I4QV7S | [openEuler-20.03-LTS-SP3] flink run command fails to execute | No priority | sig/sig-ai-bigdata | src-openEuler/flink | https://gitee.com/open_euler/dashboard?issue_id=I4QV7S |

openEuler-22.03-LTS Update 20230920

With contributions from the SIGs and community developers, this week openEuler-22.03-LTS fixed 7 known issues and 17 known vulnerabilities. 5 defects currently remain to be fixed on the version branch. See the lists below for defect/vulnerability statistics, and each package's source repository for the defect/vulnerability details.

openEuler-22.03-LTS Update CVE fix and bugfix list link:
https://gitee.com/openeuler/release-management/issues/I82351?from=project-is...
CVE fixes:

| CVE | Repository | Score |
|---|---|---|
| CVE-2023-4863 | libwebp | 9.6 |
| CVE-2023-41915 | pmix | 8.1 |
| CVE-2023-32253 | kernel | 8.1 |
| CVE-2023-32249 | kernel | 8.1 |
| CVE-2023-4921 | kernel | 7.8 |
| CVE-2023-28366 | mosquitto | 7.5 |
| CVE-2023-4785 | grpc | 7.5 |
| CVE-2023-4881 | kernel | 7.1 |
| CVE-2023-21400 | kernel | 6.7 |
| CVE-2023-41164 | python-django | 6.5 |
| CVE-2023-4874 | mutt | 6.5 |
| CVE-2023-4875 | mutt | 5.7 |
| CVE-2023-39742 | giflib | 5.5 |
| CVE-2023-20588 | kernel | 5.5 |
| CVE-2023-40217 | python3 | 5.3 |
| CVE-2022-45887 | kernel | 4.7 |
| CVE-2023-32251 | kernel | 0.0 |

Bugfix:

| Issue | Repository |
|---|---|
| #I82AZ2: The LXC_MEMFD_REXEC attribute is not enabled before the lxc binary is invoked, which poses a security risk | lcr |
| #I82QGO: [22.03-lts_update 2023/09/19 release] update version to 2.0.18-13 | iSulad |
| #I82QG4: clibcni contains strerror function calls, so log output may be at risk of being incorrect | clibcni |
| #I82QT2: Incorrect device mount address | lxc |
| #I7XIHZ: After installing libvirt*, ping reports "sendmsg: Operation not permitted" | ebtables |
| #I80Y3R: Backport grub2 community patches & fix SBAT metadata | grub2 |
| #I828EV: Journal replay hits EIO concurrently with sync of block_dev; data is lost but the mount still succeeds, corrupting the file system | kernel |

openEuler-22.03-LTS build information links:
https://build.openeuler.org/project/show/openEuler:22.03:LTS
https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol

openEuler-22.03-LTS Update release repository links:
https://repo.openeuler.org/openEuler-22.03-LTS/update/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS/docker_img/update/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Ope...
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Ope...
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/obs...
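openEuler CVE and security advisory links:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/

openEuler-22.03-LTS Update issues pending fix (issues whose task ID is marked in red have high priority):

| Milestone | Task ID | Task title | Priority | SIG | Repository | Task link |
|---|---|---|---|---|---|---|
| openEuler-22.03-LTS update20230726 | I7ORCE | [22.03 LTS update20230726][arm\x86] The selinux-policy-base version does not satisfy the installation requirements of the ceph subpackages, so ceph subpackage installation fails; cephadm uninstall prints abnormal output | Major | sig/sig-SDS | src-openEuler/ceph | https://gitee.com/open_euler/dashboard?issue_id=I7ORCE |
| openEuler-22.03-LTS | I596H5 | openEuler website, Security Hardening Guide -> Hardening Guidance -> System Services -> SSH hardening item description: an extra @ symbol was added in the hardening recommendation | Minor | sig/doc | openEuler/docs | https://gitee.com/open_euler/dashboard?issue_id=I596H5 |
| openEuler-22.03-LTS | I6VFRX | [22.03-LTS][x86/arm] After mariadb grants privileges to a remote user, remote connection to the service fails | Minor | sig/DB | src-openEuler/mariadb | https://gitee.com/open_euler/dashboard?issue_id=I6VFRX |
| openEuler-22.03-LTS | I72N5G | [22.03-lts] On x86, installing both the php-fpm and php-opcache packages causes php-fpm.service to fail to start | Minor | sig/Base-service | src-openEuler/php | https://gitee.com/open_euler/dashboard?issue_id=I72N5G |
| openEuler-22.03-LTS | I7ZP1J | [22.03 LTS][arm/x86] The name in the qdbuscpp2xml-qt5 help output is inconsistent | Minor | sig/Programming-lang | src-openEuler/qt5-qtbase | https://gitee.com/open_euler/dashboard?issue_id=I7ZP1J |

openEuler-22.03-LTS-SP1 Update 20230920

With contributions from the SIGs and community developers, this week openEuler-22.03-LTS-SP1 fixed 10 known issues and 17 known vulnerabilities. 11 defects currently remain to be fixed on the version branch. See the lists below for defect/vulnerability statistics, and each package's source repository for the defect/vulnerability details.

openEuler-22.03-LTS SP1 Update CVE fix and bugfix list link:
https://gitee.com/openeuler/release-management/issues/I8234M?from=project-is...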
CVE fixes:

| CVE | Repository | Score |
|---|---|---|
| CVE-2023-4863 | libwebp | 9.6 |
| CVE-2023-41915 | pmix | 8.1 |
| CVE-2023-32253 | kernel | 8.1 |
| CVE-2023-32249 | kernel | 8.1 |
| CVE-2023-4921 | kernel | 7.8 |
| CVE-2023-4785 | grpc | 7.5 |
| CVE-2023-24537 | skopeo | 7.5 |
| CVE-2023-4881 | kernel | 7.1 |
| CVE-2023-21400 | kernel | 6.7 |
| CVE-2023-4874 | mutt | 6.5 |
| CVE-2023-41164 | python-django | 6.5 |
| CVE-2023-4875 | mutt | 5.7 |
| CVE-2023-39742 | giflib | 5.5 |
| CVE-2023-20588 | kernel | 5.5 |
| CVE-2023-40217 | python3 | 5.3 |
| CVE-2022-45887 | kernel | 4.7 |
| CVE-2023-32251 | kernel | 0.0 |

Bugfix:

| Issue | Repository |
|---|---|
| #I817RT: The spec file is incomplete; the source cannot be extracted from the rpm | yaffs2 |
| #I80WE9: BOLT optimization of Ceph reports an error | llvm-bolt |
| #I82DMH: Add tinytoml rpm | tinytoml |
| #I82QK2: [22.03-lts-sp1_update 2023/09/19 release] update version to 2.0.18-13 | iSulad |
| #I82AZ2: The LXC_MEMFD_REXEC attribute is not enabled before the lxc binary is invoked, which poses a security risk | lcr |
| #I82QMR: Containers in the freezing state should also be set to unfreeze | lxc |
| #I82QG4: clibcni contains strerror function calls, so log output may be at risk of being incorrect | clibcni |
| #I7XIHZ: After installing libvirt*, ping reports "sendmsg: Operation not permitted" | ebtables |
| #I80Y3R: Backport grub2 community patches & fix SBAT metadata | grub2 |
| #I828EV: Journal replay hits EIO concurrently with sync of block_dev; data is lost but the mount still succeeds, corrupting the file system | kernel |

openEuler-22.03-LTS SP1 build information links:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1:Epo...

openEuler-22.03-LTS SP1 Update release repository links:
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/docker_img/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_version...
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_version...
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_version...
openEuler CVE and security advisory links:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/

openEuler-22.03-LTS-SP1 Update issues pending fix (issues whose task ID is marked in red have high priority):

| Milestone | Task ID | Task title | Priority | SIG | Repository | Task link |
|---|---|---|---|---|---|---|
| openEuler 22.03-SP1 | I6B4V1 | [22.03 SP1 update 20230118][arm] libhdfs downgrade fails on the arm architecture; x86 is normal | Major | sig/bigdata | src-openEuler/hadoop | https://gitee.com/open_euler/dashboard?issue_id=I6B4V1 |
| openEuler-22.03-LTS-SP1 | I7LW30 | [arm] ICE when compiling with -O3 -flto-partition=one -fipa-struct-reorg -fwhole-program: during IPA pass: struct_reorg (in wide_int_to_tree_1, at tree.c:1575) | Major | sig/Compiler | openEuler/gcc | https://gitee.com/open_euler/dashboard?issue_id=I7LW30 |
| openEuler-22.03-LTS-SP1 | I7LWCW | [arm] ICE when compiling with -O3 -flto-partition=one -fipa-struct-reorg -fwhole-program: internal compiler error: Segmentation fault | Major | sig/Compiler | openEuler/gcc | https://gitee.com/open_euler/dashboard?issue_id=I7LWCW |
| openEuler-22.03-LTS-SP1 | I7LWK7 | [arm] ICE when compiling with -O3 -flto-partition=one -fipa-struct-reorg -fwhole-program: during IPA pass: struct_reorg (in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4394) | Major | sig/Compiler | openEuler/gcc | https://gitee.com/open_euler/dashboard?issue_id=I7LWK7 |
| openEuler-22.03-LTS-SP1 | I7LWO1 | [arm] ICE when compiling with -O3 -flto-partition=one -fipa-struct-reorg -fwhole-program: during RTL pass: expand (in convert_move, at expr.c:219) | Major | sig/Compiler | openEuler/gcc | https://gitee.com/open_euler/dashboard?issue_id=I7LWO1 |
| openEuler-22.03-LTS-SP1 | I7LX07 | [arm] ICE when compiling with -O3 -flto-partition=one -fipa-struct-reorg -fwhole-program: during IPA pass: struct_reorg (in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4379) | Major | sig/Compiler | openEuler/gcc | https://gitee.com/open_euler/dashboard?issue_id=I7LX07 |
| openEuler-22.03-LTS-SP1 update20230726 | I7OR2I | [22.03 LTS SP1 update20230726][arm\x86] The selinux-policy-base version does not satisfy the installation requirements of the ceph subpackages, so ceph subpackage installation fails | Major | sig/sig-SDS | src-openEuler/ceph | https://gitee.com/open_euler/dashboard?issue_id=I7OR2I |
| openEuler-22.03-LTS-SP1 | I6VFV6 | [22.03 SP1] [x86/arm] After mariadb grants privileges to a remote user, remote connection to the service fails | Minor | sig/DB | src-openEuler/mariadb | https://gitee.com/open_euler/dashboard?issue_id=I6VFV6 |
| openEuler-22.03-LTS-SP1 | I73CKF | [22.03-lts-sp1] On x86, installing both the php-fpm and php-opcache packages causes php-fpm.service to fail to start | Minor | sig/Base-service | src-openEuler/php | https://gitee.com/open_euler/dashboard?issue_id=I73CKF |
| openEuler-22.03-LTS-SP1 | I7ZP3M | [22.03 LTS SP1][arm/x86] The name in the qdbuscpp2xml-qt5 help output is inconsistent | Minor | sig/Programming-lang | src-openEuler/qt5-qtbase | https://gitee.com/open_euler/dashboard?issue_id=I7ZP3M |
| openEuler-20.03-LTS-SP1-dailybuild | I5Y99T | mate-desktop install problem in openEuler:20:03:LTS:SP1 | No priority | sig/sig-mate-desktop | src-openEuler/mate-desktop | https://gitee.com/open_euler/dashboard?issue_id=I5Y99T |

openEuler-22.03-LTS-SP2 Update 20230920

With contributions from the SIGs and community developers, this week openEuler-22.03-LTS-SP2 fixed 6 known issues and 32 known vulnerabilities. 3 defects currently remain to be fixed on the version branch. See the lists below for defect/vulnerability statistics, and each package's source repository for the defect/vulnerability details.

openEuler-22.03-LTS-SP2 Update CVE fix and bugfix list link:
https://gitee.com/openeuler/release-management/issues/I8234M?from=project-is...
CVE fixes:

| CVE | Repository | Score |
|---|---|---|
| CVE-2023-4056 | firefox | 9.8 |
| CVE-2023-4863 | libwebp | 9.6 |
| CVE-2023-37201 | firefox | 8.8 |
| CVE-2023-37202 | firefox | 8.8 |
| CVE-2023-37211 | firefox | 8.8 |
| CVE-2023-4047 | firefox | 8.8 |
| CVE-2023-41915 | pmix | 8.1 |
| CVE-2023-32253 | kernel | 8.1 |
| CVE-2023-32249 | kernel | 8.1 |
| CVE-2023-37208 | firefox | 7.8 |
| CVE-2023-4921 | kernel | 7.8 |
| CVE-2023-24537 | skopeo | 7.5 |
| CVE-2023-4785 | grpc | 7.5 |
| CVE-2023-4050 | firefox | 7.5 |
| CVE-2023-4055 | firefox | 7.5 |
| CVE-2023-4048 | firefox | 7.5 |
| CVE-2023-2977 | opensc | 7.1 |
| CVE-2023-4881 | kernel | 7.1 |
| CVE-2023-21400 | kernel | 6.7 |
| CVE-2023-4874 | mutt | 6.5 |
| CVE-2023-41164 | python-django | 6.5 |
| CVE-2023-37207 | firefox | 6.5 |
| CVE-2023-4049 | firefox | 5.9 |
| CVE-2023-4875 | mutt | 5.7 |
| CVE-2023-39742 | giflib | 5.5 |
| CVE-2023-4054 | firefox | 5.5 |
| CVE-2023-20588 | kernel | 5.5 |
| CVE-2023-40217 | python3 | 5.3 |
| CVE-2023-4045 | firefox | 5.3 |
| CVE-2023-4046 | firefox | 5.3 |
| CVE-2022-45887 | kernel | 4.7 |
| CVE-2023-32251 | kernel | 0.0 |

Bugfix:

| Issue | Repository |
|---|---|
| #I7WHE3: Fix the abnormal error when deleting a bond after creating the bond | kernel |
| #I82QKA: [22.03-lts-sp2_update 2023/09/19 release] update version to 2.1.3-6 | iSulad |
| #I82AZ2: The LXC_MEMFD_REXEC attribute is not enabled before the lxc binary is invoked, which poses a security risk | lcr |
| #I82QMR: Containers in the freezing state should also be set to unfreeze | lxc |
| #I80Y3R: Backport grub2 community patches & fix SBAT metadata | grub2 |
| #I828EV: Journal replay hits EIO concurrently with sync of block_dev; data is lost but the mount still succeeds, corrupting the file system | kernel |

openEuler-22.03-LTS SP2 build information links:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2:Epo...

openEuler-22.03-LTS SP2 Update release repository links:
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/hotpatch_update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/docker_img/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_version...
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_version...
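openEuler CVE and security advisory links:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
https://repo.openeuler.org/security/data/hotpatch_cvrf/

openEuler-22.03-LTS-SP2 Update issues pending fix (issues whose task ID is marked in red have high priority):

| Milestone | Task ID | Task title | Priority | SIG | Repository | Task link |
|---|---|---|---|---|---|---|
| openEuler-22.03-LTS-SP2-round-2 | I795G3 | [22.03-LTS-SP2 round2] Multiple versions of containers-common appear in the repository for this test handover | Major | sig/sig-CloudNative | src-openEuler/skopeo | https://gitee.com/open_euler/dashboard?issue_id=I795G3 |
| openEuler-22.03-LTS-SP2-SEC | I7AFIR | [22.03-LTS-SP2 round2][x86/arm] libkae-1.2.10-6.oe2203sp2 does not meet the Rpath/Runpath secure compilation option requirement | Major | sig-AccLib | src-openEuler/libkae | https://gitee.com/open_euler/dashboard?issue_id=I7AFIR |
| openEuler-22.03-LTS-SP2 | I7ZP4V | [22.03 LTS SP2][arm/x86] The name in the qdbuscpp2xml-qt5 help output is inconsistent | Minor | sig/Programming-lang | src-openEuler/qt5-qtbase | https://gitee.com/open_euler/dashboard?issue_id=I7ZP4V |

Community vulnerabilities pending fix:

The openEuler community applies a differentiated fix strategy according to vulnerability severity. All SIGs are asked to track the fix status of components affected by CVEs.

| Severity rating | Time allowed for fix |
|---|---|
| Critical | 7 days |
| High | 14 days |
| Medium | 30 days |
| Low | 30 days |

For reference, see the community security committee's vulnerability wiki:
https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE%E5%8C%BA%E6%B...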
CVEs that will exceed their deadline within the next 14 days (data as of 9.22):

| CVE ID | Issue ID | Days remaining | CVSS score | Package | Responsible SIG |
|---|---|---|---|---|---|
| CVE-2023-43115 | I82DIG | 6.87 | 9.8 | ghostscript | Base-service |
| CVE-2023-32215 | I71R4G | 5.79 | 8.8 | firefox | Application |
| CVE-2023-32213 | I71R3Y | 5.79 | 8.8 | firefox | Application |
| CVE-2023-32207 | I71R3W | 5.79 | 8.8 | firefox | Application |
| CVE-2023-29536 | I6UVEI | 5.79 | 8.8 | firefox | Application |
| CVE-2023-29541 | I6UVDN | 5.79 | 8.8 | firefox | Application |
| CVE-2023-29539 | I6UVDJ | 5.79 | 8.8 | firefox | Application |
| CVE-2023-29550 | I6UVCU | 5.79 | 8.8 | firefox | Application |
| CVE-2023-4863 | I82PC7 | 11.29 | 8.8 | firefox | Application |
| CVE-2023-4504 | I837XU | 13.87 | 8.8 | cups | Desktop |
| CVE-2023-30362 | I81897 | 5.57 | 7.5 | dsoftbus | distributed-middleware |
| CVE-2023-32214 | I71R4A | 5.79 | 7.5 | firefox | Application |
| CVE-2023-1999 | I6VVSM | 5.79 | 7.5 | firefox | Application |
| CVE-2023-4813 | I80UPG | 10.29 | 7.5 | glibc | Computing |
| CVE-2023-3341 | I832LT | 12.29 | 7.5 | bind | Networking |
| CVE-2023-4314 | I80IPE | 11.29 | 7.2 | which | Base-service |
| CVE-2022-22753 | I5TUFV | 5.7 | 7.1 | firefox | Application |
| CVE-2023-39615 | I7XAOY | 8.72 | 6.5 | libxml2 | Base-service |
| CVE-2023-32206 | I71R4I | 21.79 | 6.5 | firefox | Application |
| CVE-2023-32211 | I71R41 | 21.79 | 6.5 | firefox | Application |
| CVE-2023-29545 | I6UVEO | 21.79 | 6.5 | firefox | Application |
| CVE-2023-29535 | I6UVDZ | 21.79 | 6.5 | firefox | Application |
| CVE-2023-29548 | I6UVDO | 21.79 | 6.5 | firefox | Application |
| CVE-2023-4611 | I7WZK1 | 9.7 | 6.3 | kernel | Kernel |
| CVE-2020-18770 | I7V70M | 4.51 | 5.5 | zziplib | Base-service |
| CVE-2020-18781 | I7V6ZA | 4.51 | 5.5 | audiofile | Base-service |
| CVE-2023-4569 | I7WN6T | 9.29 | 5.5 | kernel | Kernel |
| CVE-2023-42467 | I809YE | 21.29 | 5.5 | qemu | Virt |
| CVE-2023-40612 | I7VHLO | 0.98 | 5.3 | openstack-horizon | sig-openstack |
| CVE-2023-37453 | I819LJ | 21.61 | 4.6 | kernel | Kernel |
| CVE-2023-32212 | I71RAD | 21.79 | 4.3 | firefox | Application |
| CVE-2023-32205 | I71R4D | 21.79 | 4.3 | firefox | Application |
| CVE-2023-29533 | I6UVER | 21.79 | 4.3 | firefox | Application |
| CVE-2023-41053 | I7Z7QU | 14.7 | 3.3 | redis6 | sig-bigdata |
| CVE-2023-41053 | I7Z7QT | 14.7 | 3.3 | redis5 | sig-bigdata |
| CVE-2023-34414 | I7BFX6 | 21.79 | 3.1 | firefox | Application |
| CVE-2023-4732 | I7Y1UL | 10.17 | 0.0 | kernel | Kernel |
| CVE-2023-3995 | I7YIXN | 12.19 | 0.0 | kernel | Kernel |
| CVE-2023-3592 | I7Z2PQ | 13.82 | 0.0 | mosquitto | Application |
| CVE-2023-4806 | I80UPC | 20.18 | 0.0 | glibc | Computing |
| CVE-2023-37154 | I813NN | 20.86 | 0.0 | nagios-plugins | Networking |
| CVE-2023-4421 | I8155B | 20.92 | 0.0 | nss | sig-security-facility |
| CVE-2005-3660 | I818Y1 | 21.59 | 0.0 | kernel | Kernel |

openEuler community guidance documents and open platform links:

openEuler version branch maintenance specification:
https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%8...

openEuler release-management version branch PR guide:
https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%8...

Community QA version testing issue submission specification:
https://gitee.com/openeuler/QA/blob/master/%E7%A4%BE%E5%8C%BA%E7%89%88%E6%9C...

Community QA test platform radiatest:
https://radiatest.openeuler.org