Qa
Threads by month
- ----- 2025 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- 3 participants
- 639 discussions
主题: openEuler update_20230802版本发布公告
Dear all,
经社区Release SIG、QA SIG及 CICD SIG 评估,openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3、openEuler-22.03-LTS、openEuler-22.03-LTS-SP1及openEuler-22.03-LTS-SP2 update版本满足版本出口质量,现进行发布公示。
本公示分为七部分:
1、openEuler-20.03-LTS-SP1 Update 20230802发布情况及待修复缺陷
2、openEuler-20.03-LTS-SP3 Update 20230802发布情况及待修复缺陷
3、openEuler-22.03-LTS Update 20230802发布情况及待修复缺陷
4、openEuler-22.03-LTS-SP1 Update 20230802发布情况及待修复缺陷
5、openEuler-22.03-LTS-SP2 Update 20230802发布情况及待修复缺陷
6、openEuler 关键组件待修复CVE 清单
7、openEuler 社区指导文档及开放平台链接
本次update版本发布后,下一个版本里程碑点(预计在2023/08/13)提供 update_ 20230809 版本。
openEuler-20.03-LTS-SP1 Update 20230802
经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP1修复版本已知问题1个,已知漏洞19个。目前版本分支剩余待修复缺陷20个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-20.03-LTS-SP1 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7P5IR?from=project-i…
CVE修复:
CVE
仓库
score
CVE-2021-45960
firefox
8.8
CVE-2022-22825
firefox
8.8
CVE-2022-22826
firefox
8.8
CVE-2022-22827
firefox
8.8
CVE-2022-24834
redis
8.8
CVE-2021-46143
firefox
7.8
CVE-2023-3611
kernel
7.8
CVE-2023-0664
qemu
7.8
CVE-2023-21255
kernel
7.8
CVE-2023-3609
kernel
7.8
CVE-2023-3776
kernel
7.8
CVE-2023-3812
kernel
7.8
CVE-2023-38408
openssh
7.5
CVE-2022-23491
python-certifi
7.5
CVE-2023-37920
python-certifi
7.5
CVE-2023-2861
qemu
6.0
CVE-2023-3446
openssl
5.3
CVE-2023-38289
libtiff
3.3
CVE-2023-38288
libtiff
3.3
Bugfix:
issue
仓库
#I7OSIE:【openEuler-1.0-LTS】hns网卡收发包时反复修改tso,会触发网卡异常
kernel
openEuler-20.03-LTS-SP1版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol
openEuler-20.03-LTS-SP1 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/
openEuler CVE 及安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
里程碑
任务ID
任务标题
优先级
sig组
关联仓库
openEuler 20.03-LTS-SP1
I4J0OY
【20.03 SP1】【arm/x86】安装好libdap后,getdap4命令的-i和-k参数使用异常
主要
sig/sig-recycle
libdap
openEuler 20.03-LTS-SP1
I4JMG4
【20.03 SP1】【arm/x86】robotframework包的三个命令:libdoc、rebot、robot执行--help/-h/-?/--version,查看帮助信息和版本信息,返回值为251
主要
sig/sig-ROS
python-robotframework
openEuler 20.03-LTS-SP1
I5DLX7
[20.03 22.03] 管理员指南操作文档mysql服务搭建指导文档有误
主要
sig/doc
docs
openEuler 20.03LTS SP1 update2103
I3E5C1
【20.03-SP1】【arm/x86】服务启动失败
主要
sig/bigdata
hadoop
openEuler 20.03LTS SP1 update210901
I48GIM
【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败
主要
sig/oVirt
ovirt-cockpit-sso
openEuler 20.03-LTS-SP1
I6VFAE
[20.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败
次要
sig/DB
mariadb
openEuler 20.03-LTS-SP1
I4G4A5
Undefine-shift in _bfd_safe_read_leb128
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4B1
Integer overflow in print_vms_time
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4VY
memleak in parse_gnu_debugaltlink
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4WF
Heap-buffer-overflow in slurp_hppa_unwind_table
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4WW
Use-after-free in make_qualified_name
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4X6
memleak in byte_get_little_endian
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4XF
memleak in process_mips_specific
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4Y0
out-of-memory in vms_lib_read_index
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4YJ
Heap-buffer-overflow in bfd_getl16
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4YV
Floating point exception in _bfd_vms_slurp_etir
无优先级
sig/Base-service
binutils
openEuler 20.03LTS SP1 update210926
I4CMSV
【20.03-LTS-SP1】【arm/x86】搭建Kubernetes 集群缺少包etcd
无优先级
sig/TC
community
openEuler 20.03LTS SP1 update220111
I4QV6N
【openEuler-20.03-LTS-SP1】flink命令执行失败
无优先级
sig/sig-ai-bigdata
flink
openEuler-20.03-LTS-SP1
I3QGU7
系统不支持GB18030
无优先级
sig/TC
community
openEuler-20.03-LTS-SP1-dailybuild
I5Y99T
mate-desktop install problem in openEuler:20:03:LTS:SP1
无优先级
sig/sig-mate-desktop
mate-desktop
openEuler-20.03-LTS-SP3 Update 20230802
经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP3修复版本已知问1个,已知漏洞19个。目前版本分支剩余待修复缺陷 7个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-20.03-LTS-SP3 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7P5IS?from=project-i…
CVE修复:
CVE
仓库
score
CVE-2021-45960
firefox
8.8
CVE-2022-22825
firefox
8.8
CVE-2022-22826
firefox
8.8
CVE-2022-22827
firefox
8.8
CVE-2022-24834
redis
8.8
CVE-2021-46143
firefox
7.8
CVE-2023-3611
kernel
7.8
CVE-2023-0664
qemu
7.8
CVE-2023-21255
kernel
7.8
CVE-2023-3609
kernel
7.8
CVE-2023-3776
kernel
7.8
CVE-2023-3812
kernel
7.8
CVE-2022-23491
python-certifi
7.5
CVE-2023-37920
python-certifi
7.5
CVE-2023-38408
openssh
7.5
CVE-2023-2861
qemu
6.0
CVE-2023-3446
openssl
5.3
CVE-2023-38289
libtiff
3.3
CVE-2023-38288
libtiff
3.3
Bugfix:
issue
仓库
#I7OSIE:【openEuler-1.0-LTS】hns网卡收发包时反复修改tso,会触发网卡异常
kernel
openEuler-20.03-LTS-SP3版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol
openEuler-20.03-LTS-SP3 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/
openEuler CVE及安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
里程碑
任务ID
任务标题
优先级
sig组
关联仓库
openEuler 20.03 LTS SP3 update20220801
I5LYJK
【20.03-sp3_update20220801】【x86】对内核版进行升级后,TCP_option_address安装异常
主要
sig/Kernel
TCP_option_address
openEuler 20.03-LTS-SP3
I5KXUY
【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败
主要
sig/oVirt
ovirt-cockpit-sso
openEuler-20.03-LTS-SP3
I5KY4S
【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败,导致mom-vdsm.service服务无法启动成功
主要
sig/oVirt
vdsm
openEuler-20.03-LTS-SP3
I72EAT
【20.03 SP3】php相关包在20.03 LTS SP3降级失败
主要
sig/Base-service
php
openEuler 20.03LTS SP3 update220111
I4QV7S
【openEuler-20.03-LTS-SP3】flink run 命令执行失败
无优先级
sig/sig-ai-bigdata
flink
openEuler-20.03-LTS-SP3
I6VFMI
[20.03 SP3] [x86/arm] mariadb授权给远程用户,远程连接服务失败
次要
sig/DB
mariadb
openEuler-20.03-LTS-SP3
I72HWV
【20.03-lts-sp3】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败
次要
sig/Base-service
php
openEuler-22.03-LTS Update 20230802
经各SIG及社区开发者贡献,本周openEuler-22.03-LTS修复版本已知问题2个,已知漏洞19个。目前版本分支剩余待修复缺陷3个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-22.03-LTS Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7P5IT?from=project-i…
CVE修复:
CVE
仓库
score
CVE-2023-38426
kernel
9.1
CVE-2022-24834
redis
8.8
CVE-2022-1050
qemu
8.8
CVE-2023-0664
qemu
7.8
CVE-2023-3610
kernel
7.8
CVE-2023-3611
kernel
7.8
CVE-2023-3812
kernel
7.8
CVE-2022-23491
python-certifi
7.5
CVE-2023-37920
python-certifi
7.5
CVE-2023-38408
openssh
7.5
CVE-2023-32248
kernel
7.5
CVE-2023-3567
kernel
6.7
CVE-2023-2163
kernel
6.3
CVE-2023-2861
qemu
6.0
CVE-2022-40896
python-pygments
5.5
CVE-2023-32255
kernel
5.3
CVE-2023-3446
openssl
5.3
CVE-2023-38289
libtiff
3.3
CVE-2023-38288
libtiff
3.3
Bugfix:
issue
仓库
#I5M4N4:【22.03 LTS update 20220811】【arm/x86】openstack-ironic-inspector-conductor.service服务start失败
openstack-ironic-inspector
#I7PO2D:sysmaster新增到openEuler-22.03-LTS Update 和 openEuler-22.03-LTS-SP1 Update发布
sysmaster
openEuler-22.03-LTS版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:22.03:LTS
https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol
openEuler-22.03-LTS Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS/update/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/ob…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
里程碑
任务ID
任务标题
优先级
sig
关联仓库
openEuler-22.03-LTS
I6VFRX
[22.03-LTS][x86/arm]mariadb授权给远程用户,远程连接服务失败
次要
sig/DB
mariadb
openEuler-22.03-LTS
I72N5G
【22.03-lts】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败
次要
sig/Base-service
php
openEuler-22.03-LTS update20230726
I7ORCE
【arm\x86】selinux-policy-base的版本不符合ceph子包的安装条件,ceph子包安装失败; cephadm卸载有异常打印
主要
sig/SDS
ceph
openEuler-22.03-LTS-SP1 Update 20230802
经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP1修复版本已知问题4个,已知漏洞17个。目前版本分支剩余待修复缺陷9个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-22.03-LTS SP1 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7P5IQ?from=project-i…
CVE修复:
CVE
仓库
score
CVE-2023-38426
kernel
9.1
CVE-2022-24834
redis
8.8
CVE-2023-0664
qemu
7.8
CVE-2023-3611
kernel
7.8
CVE-2023-3610
kernel
7.8
CVE-2022-23491
python-certifi
7.5
CVE-2023-37920
python-certifi
7.5
CVE-2023-38408
openssh
7.5
CVE-2023-32248
kernel
7.5
CVE-2023-3567
kernel
6.7
CVE-2023-2163
kernel
6.3
CVE-2023-2861
qemu
6.0
CVE-2022-40896
python-pygments
5.5
CVE-2023-3446
openssl
5.3
CVE-2023-32255
kernel
5.3
CVE-2023-38289
libtiff
3.3
CVE-2023-38288
libtiff
3.3
Bugfix:
issue
仓库
#I7PO4V:openEuler-22.03-LTS-SP1 Update引入gcc-7
gcc-7
#I7PO37:openEuler-22.03-LTS-SP1 Update引入lld
lld
#I7PO1C:openEuler-22.03-LTS-SP1 Update引入openmp
openmp
#I7PO2D:sysmaster新增到openEuler-22.03-LTS Update 和 openEuler-22.03-LTS-SP1 Update发布
sysmaster
openEuler-22.03-LTS SP1版本编译构建信息查询链接:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1:Ep…
openEuler-22.03-LTS SP1 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
里程碑
任务ID
任务标题
优先级
标签
关联仓库
openEuler-22.03-LTS-SP1
I7LW30
【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in wide_int_to_tree_1, at tree.c:1575)
主要
sig/Compiler
gcc
openEuler-22.03-LTS-SP1
I7LWCW
【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:internal compiler error: Segmentation fault
主要
sig/Compiler
gcc
openEuler-22.03-LTS-SP1
I7LWK7
【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4394)
主要
sig/Compiler
gcc
openEuler-22.03-LTS-SP1
I7LWO1
【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during RTL pass: expand(in convert_move, at expr.c:219)
主要
sig/Compiler
gcc
openEuler-22.03-LTS-SP1
I7LX07
【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4379)
主要
sig/Compiler
gcc
openEuler 22.03-SP1
I6B4V1
【22.03 SP1 update 20230118】【arm】libhdfs在arm架构降级失败,x86正常
主要
sig/bigdata
hadoop
openEuler-22.03-LTS-SP1
I6VFV6
[22.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败
次要
sig/DB
mariadb
openEuler-22.03-LTS-SP1
I73CKF
【22.03-lts-sp1】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败
次要
sig/Base-service
php
openEuler-22.03-LTS-SP1 update20230726
I7OR2I
【22.03 LTS SP1 update20230726】【arm\x86】selinux-policy-base的版本不符合ceph子包的安装条件,ceph子包安装失败
主要
sig/SDS
ceph
openEuler-22.03-LTS-SP2 Update 20230802
经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP2修复版本已知问题2个,已知漏洞17个。目前版本分支剩余待修复缺陷2个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-22.03-LTS-SP2 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7P66G?from=project-i…
CVE修复:
CVE
仓库
score
CVE-2023-38426
kernel
9.1
CVE-2022-24834
redis
8.8
CVE-2023-0664
qemu
7.8
CVE-2023-3611
kernel
7.8
CVE-2023-3610
kernel
7.8
CVE-2022-23491
python-certifi
7.5
CVE-2023-37920
python-certifi
7.5
CVE-2023-38408
openssh
7.5
CVE-2023-32248
kernel
7.5
CVE-2023-3567
kernel
6.7
CVE-2023-2163
kernel
6.3
CVE-2023-2861
qemu
6.0
CVE-2022-40896
python-pygments
5.5
CVE-2023-3446
openssl
5.3
CVE-2023-32255
kernel
5.3
CVE-2023-38289
libtiff
3.3
CVE-2023-38288
libtiff
3.3
Bugfix:
issue
仓库
#I7NQLN:安装UKUI后无法重新生成grub配置
ukui-themes
#I7L3KF:【22.03 -LTS-SP2】安装libvirt软件包后,启动libvirtd有报错,并且会导致环境网络不通
ebtables
openEuler-22.03-LTS SP2版本编译构建信息查询链接:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2:Ep…
openEuler-22.03-LTS SP2 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS-SP2 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
里程碑
任务ID
任务标题
优先级
标签
关联仓库
openEuler-22.03-LTS-SP2-round-2
I795G3
【22.03-LTS-SP2 round2】本次转测源中出现多个版本的containers-common
主要
sig/sig-CloudNative
skopeo
openEuler-22.03-LTS-SP2-SEC
I7AFIR
【22.03-LTS-SP2 round2】【x86/arm】libkae-1.2.10-6.oe2203sp2安全编译选项Rpath/Runpath不满足
主要
sig/sig-AccLib
libkae
社区待修复漏洞:
openEuler社区根据漏洞严重等级采取差异化的修复策略,请各个SIG 关注涉及CVE组件的修复情况。
严重等级(Severity Rating)
漏洞修复时长
致命(Critical)
7天
高(High)
14天
中(Medium)
30天
低(Low)
30天
可参考社区安全委员会漏洞:https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE…
近14天将超期CVE(8.6日数据):
漏洞编号
Issue ID
剩余天数
CVSS评分
软件包
责任SIG
CVE-2023-39017
I7QM67
5
9.8
quartz
sig/sig-Java
CVE-2023-4058
I7PRWB
3
9.8
firefox
sig/Application
CVE-2023-4057
I7PRWR
3
9.8
firefox
sig/Application
CVE-2023-4056
I7PRX5
3
9.8
firefox
sig/Application
CVE-2019-9641
I7PDC3
2
9.8
php
sig/Base-service
CVE-2022-0323
I7Q15A
10
8.8
php
sig/Base-service
CVE-2023-37268
I7LBRP
8
8.8
mysql
sig/Others
CVE-2023-37268
I7LBRR
8
8.8
mysql5
sig/DB
CVE-2023-2234
I7K4AU
4
8.8
zephyr
sig/sig-Zephyr
CVE-2022-45855
I7K4B5
4
8.8
ambari
sig/bigdata
CVE-2022-42009
I7K4BF
4
8.8
ambari
sig/bigdata
CVE-2023-4004
I7P3TK
7
7.8
kernel
sig/Kernel
CVE-2023-30577
I7OB1W
4
7.8
amanda
sig/Application
CVE-2023-4051
I7PRX1
10
7.5
firefox
sig/Application
CVE-2019-9640
I7PDBJ
8
7.5
php
sig/Base-service
CVE-2019-9638
I7PDDJ
8
7.5
php
sig/Base-service
CVE-2019-9639
I7PDDO
8
7.5
php
sig/Base-service
CVE-2019-9637
I7PDHZ
8
7.5
php
sig/Base-service
CVE-2023-37463
I7L1Z0
7
7.5
cmark
sig/GNOME
CVE-2023-29458
I7L0C0
6
7.5
duktape
sig/Base-service
CVE-2023-0359
I7K4AV
4
7.5
zephyr
sig/sig-Zephyr
CVE-2023-38285
I7OLHN
4
7.5
mod_security
sig/System-tool
CVE-2023-29451
I7NYXP
3
7.5
zabbix
sig/Base-service
CVE-2023-38633
I7N7UT
1
7.5
librsvg2
sig/Desktop
CVE-2023-29406
I7KG3Q
5
6.5
perl-Net-HTTP
sig/Programming-lang
CVE-2023-29455
I7L0C8
6
6.1
zabbix
sig/Base-service
CVE-2023-29457
I7L0CB
6
6.1
zabbix
sig/Base-service
CVE-2023-36942
I7OM6K
5
6.1
mysql
sig/Others
CVE-2023-36942
I7OM6L
5
6.1
mysql5
sig/DB
CVE-2023-22053
I7M5UJ
12
5.9
mysql5
sig/DB
CVE-2023-22043
I7M5V2
12
5.9
openjdk-latest
sig/Compiler
CVE-2023-22053
I7M5V8
12
5.9
mysql
sig/Others
CVE-2023-22043
I7M5VN
12
5.9
openjdk-1.8.0
sig/Compiler
CVE-2023-22043
I7M5VO
12
5.9
openjdk-11
sig/Compiler
CVE-2023-38403
I7LTYL
11
5.5
iperf3
sig/Application
CVE-2023-3648
I7KXE5
6
5.5
wireshark
sig/Application
CVE-2023-3649
I7KXEB
6
5.5
wireshark
sig/Application
CVE-2023-25399
I7KM76
5
5.5
scipy
sig/Computing
CVE-2023-34036
I7LSFV
10
5.3
springframework-hateoas
sig/sig-Java
CVE-2023-33008
I7LDU0
8
5.3
johnzon
sig/sig-Java
CVE-2023-22041
I7M5V1
12
5.1
openjdk-latest
sig/Compiler
CVE-2023-22041
I7M5VL
12
5.1
openjdk-1.8.0
sig/Compiler
CVE-2023-22041
I7M5VM
12
5.1
openjdk-11
sig/Compiler
CVE-2023-22007
I7M5U1
12
4.9
mysql
sig/Others
CVE-2023-22056
I7M5UF
12
4.9
mysql
sig/Others
CVE-2023-22054
I7M5UR
12
4.9
mysql
sig/Others
CVE-2023-22046
I7M5US
12
4.9
mysql5
sig/DB
CVE-2023-22057
I7M5UV
12
4.9
mysql
sig/Others
CVE-2023-21950
I7M5UW
12
4.9
mysql
sig/Others
CVE-2023-22008
I7M5V3
12
4.9
mysql
sig/Others
CVE-2023-22007
I7M5V4
12
4.9
mysql5
sig/DB
CVE-2023-22056
I7M5V5
12
4.9
mysql5
sig/DB
CVE-2023-22054
I7M5VB
12
4.9
mysql5
sig/DB
CVE-2023-22046
I7M5VC
12
4.9
mysql
sig/Others
CVE-2023-22057
I7M5VF
12
4.9
mysql5
sig/DB
CVE-2023-21950
I7M5VG
12
4.9
mysql5
sig/DB
CVE-2023-22008
I7M5VP
12
4.9
mysql5
sig/DB
CVE-2023-29449
I7L1GD
6
4.9
zabbix
sig/Base-service
CVE-2023-36940
I7K6GL
4
4.8
mysql
sig/Others
CVE-2023-36940
I7K6HT
4
4.8
mysql5
sig/DB
CVE-2023-22033
I7M5UI
12
4.4
mysql
sig/Others
CVE-2023-22005
I7M5UT
12
4.4
mysql
sig/Others
CVE-2023-22058
I7M5UY
12
4.4
mysql5
sig/DB
CVE-2023-22033
I7M5V7
12
4.4
mysql5
sig/DB
CVE-2023-22005
I7M5VD
12
4.4
mysql5
sig/DB
CVE-2023-22058
I7M5VI
12
4.4
mysql
sig/Others
CVE-2023-22036
I7M5UM
12
3.7
openjdk-latest
sig/Compiler
CVE-2023-22045
I7M5UU
12
3.7
openjdk-latest
sig/Compiler
CVE-2023-22049
I7M5UX
12
3.7
openjdk-latest
sig/Compiler
CVE-2023-22044
I7M5UZ
12
3.7
openjdk-latest
sig/Compiler
CVE-2023-22036
I7M5V9
12
3.7
openjdk-1.8.0
sig/Compiler
CVE-2023-22045
I7M5VE
12
3.7
openjdk-1.8.0
sig/Compiler
CVE-2023-22049
I7M5VH
12
3.7
openjdk-1.8.0
sig/Compiler
CVE-2023-22044
I7M5VJ
12
3.7
openjdk-1.8.0
sig/Compiler
CVE-2023-22036
I7M5VQ
12
3.7
openjdk-11
sig/Compiler
CVE-2023-22045
I7M5VS
12
3.7
openjdk-11
sig/Compiler
CVE-2023-22049
I7M5VT
12
3.7
openjdk-11
sig/Compiler
CVE-2023-22044
I7M5VU
12
3.7
openjdk-11
sig/Compiler
CVE-2023-22048
I7M5UH
12
3.1
mysql
sig/Others
CVE-2023-22006
I7M5V0
12
3.1
openjdk-latest
sig/Compiler
CVE-2023-22048
I7M5V6
12
3.1
mysql5
sig/DB
CVE-2023-22006
I7M5VK
12
3.1
openjdk-1.8.0
sig/Compiler
CVE-2023-22006
I7M5VV
12
3.1
openjdk-11
sig/Compiler
CVE-2023-22038
I7M5UQ
12
2.7
mysql5
sig/DB
CVE-2023-22038
I7M5VA
12
2.7
mysql
sig/Others
openEuler 社区指导文档及开放平台链接:
openEuler 版本分支维护规范:
https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%…
openEuler release-management 版本分支PR指导:
https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%…
社区QA 版本测试提单规范
https://gitee.com/openeuler/QA/blob/master/%E7%A4%BE%E5%8C%BA%E7%89%88%E6%9…
社区QA 测试平台 radiates
https://radiatest.openeuler.org<https://radiatest.openeuler.org/>
> From: "update版本发布邮箱"<update(a)openeuler.sh>
> Date: Sat, Jul 29, 2023, 15:38
> Subject: openEuler update_20230726版本发布公告
> To: "release"<release(a)openeuler.org>, "dev"<dev(a)openeuler.org>, "qa"<qa(a)openeuler.org>, "sa-announce"<sa-announce(a)openeuler.org>
> 主题: openEuler update_20230726版本发布公告
>
> Dear all,
> 经社区Release SIG、QA SIG及 CICD SIG 评估,openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3、openEuler-22.03-LTS、openEuler-22.03-LTS-SP1及openEuler-22.03-LTS-SP2 update版本满足版本出口质量,现进行发布公示。
> 本公示分为七部分:
> 1、openEuler-20.03-LTS-SP1 Update 20230726发布情况及待修复缺陷
> 2、openEuler-20.03-LTS-SP3 Update 20230726发布情况及待修复缺陷
> 3、openEuler-22.03-LTS Update 20230726发布情况及待修复缺陷
> 4、openEuler-22.03-LTS-SP1 Update 20230726发布情况及待修复缺陷
> 5、openEuler-22.03-LTS-SP2 Update 20230726发布情况及待修复缺陷
> 6、openEuler 关键组件待修复CVE 清单
> 7、openEuler 社区指导文档及开放平台链接
> 本次update版本发布后,下一个版本里程碑点(预计在2023/08/02)提供 update_ 20230804 版本。
>
> openEuler-20.03-LTS-SP1 Update 20230726
> 经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP1修复版本已知问题2个,已知漏洞16个。目前版本分支剩余待修复缺陷20个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
>
> openEuler-20.03-LTS-SP1 Update版本CVE修复 及Bugfix list公示链接:
> https://gitee.com/openeuler/release-management/issues/I7NBS3?from=project-i…
>
> CVE修复:
> CVE
> 仓库
> score
> CVE-2021-33294
> elfutils
> 2.5
> CVE-2023-33733
> python-reportlab
> 7.8
> CVE-2022-45886
> kernel
> 7.0
> CVE-2023-3390
> kernel
> 7.8
> CVE-2023-35001
> kernel
> 7.8
> CVE-2023-34966
> samba
> 7.5
> CVE-2023-34967
> samba
> 5.3
> CVE-2022-2127
> samba
> 5.9
> CVE-2023-37464
> cjose
> 8.6
> CVE-2023-3428
> ImageMagick
> 6.2
> CVE-2023-3611
> kernel
> 7.8
> CVE-2020-23064
> doxygen
> 6.1
> CVE-2023-32001
> curl
> 5.5
> CVE-2022-22824
> firefox
> 9.8
> CVE-2022-22823
> firefox
> 9.8
> CVE-2022-22822
> firefox
> 9.8
>
>
> Bugfix:
> issue
> 仓库
> #I5G81X:【20.03 SP1】selinux-policy卸载异常
> selinux-policy
> #I7M52S:【OLK-5.10】kmemleak in mpam_resctrl_cpu_online
> kernel
>
>
> openEuler-20.03-LTS-SP1版本编译构建信息查询链接:
> https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1
> https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol
>
> openEuler-20.03-LTS-SP1 Update版本 发布源链接:
> https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/
> https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/
>
> openEuler CVE 及安全公告公示链接:
> https://www.openeuler.org/zh/security/cve/
> https://www.openeuler.org/zh/security/safety-bulletin/
> https://repo.openeuler.org/security/data/cvrf/
>
> openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
>
>
> 里程碑
> 任务ID
> 任务标题
> 优先级
> sig组
> 关联仓库
> openEuler 20.03-LTS-SP1
> I4J0OY
> 【20.03 SP1】【arm/x86】安装好libdap后,getdap4命令的-i和-k参数使用异常
> 主要
> sig/sig-recycle
> libdap
> openEuler 20.03-LTS-SP1
> I4JMG4
> 【20.03 SP1】【arm/x86】robotframework包的三个命令:libdoc、rebot、robot执行--help/-h/-?/--version,查看帮助信息和版本信息,返回值为251
> 主要
> sig/sig-ROS
> python-robotframework
> openEuler 20.03-LTS-SP1
> I5DLX7
> [20.03 22.03] 管理员指南操作文档mysql服务搭建指导文档有误
> 主要
> sig/doc
> docs
> openEuler 20.03LTS SP1 update2103
> I3E5C1
> 【20.03-SP1】【arm/x86】服务启动失败
> 主要
> sig/bigdata
> hadoop
> openEuler 20.03LTS SP1 update210901
> I48GIM
> 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败
> 主要
> sig/oVirt
> ovirt-cockpit-sso
> openEuler 20.03-LTS-SP1
> I6VFAE
> [20.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败
> 次要
> sig/DB
> mariadb
> openEuler 20.03-LTS-SP1
> I4G4A5
> Undefine-shift in _bfd_safe_read_leb128
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03-LTS-SP1
> I4G4B1
> Integer overflow in print_vms_time
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03-LTS-SP1
> I4G4VY
> memleak in parse_gnu_debugaltlink
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03-LTS-SP1
> I4G4WF
> Heap-buffer-overflow in slurp_hppa_unwind_table
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03-LTS-SP1
> I4G4WW
> Use-after-free in make_qualified_name
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03-LTS-SP1
> I4G4X6
> memleak in byte_get_little_endian
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03-LTS-SP1
> I4G4XF
> memleak in process_mips_specific
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03-LTS-SP1
> I4G4Y0
> out-of-memory in vms_lib_read_index
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03-LTS-SP1
> I4G4YJ
> Heap-buffer-overflow in bfd_getl16
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03-LTS-SP1
> I4G4YV
> Floating point exception in _bfd_vms_slurp_etir
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03LTS SP1 update210926
> I4CMSV
> 【20.03-LTS-SP1】【arm/x86】搭建Kubernetes 集群缺少包etcd
> 无优先级
> sig/TC
> community
> openEuler 20.03LTS SP1 update220111
> I4QV6N
> 【openEuler-20.03-LTS-SP1】flink命令执行失败
> 无优先级
> sig/sig-ai-bigdata
> flink
> openEuler-20.03-LTS-SP1
> I3QGU7
> 系统不支持GB18030
> 无优先级
> sig/TC
> community
> openEuler-20.03-LTS-SP1-dailybuild
> I5Y99T
> mate-desktop install problem in openEuler:20:03:LTS:SP1
> 无优先级
> sig/sig-mate-desktop
> mate-desktop
>
>
> openEuler-20.03-LTS-SP3 Update 20230726
> 经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP3修复版本已知问2个,已知漏洞15个。目前版本分支剩余待修复缺陷 7个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
>
> openEuler-20.03-LTS-SP3 Update版本CVE修复 及Bugfix list公示链接:
> https://gitee.com/openeuler/release-management/issues/I7NBS4?from=project-i…
>
> CVE修复:
> CVE
> 仓库
> score
> CVE-2023-33733
> python-reportlab
> 7.8
> CVE-2022-45886
> kernel
> 7.0
> CVE-2023-3390
> kernel
> 7.8
> CVE-2023-35001
> kernel
> 7.8
> CVE-2023-3428
> ImageMagick
> 6.2
> CVE-2023-34966
> samba
> 7.5
> CVE-2023-34967
> samba
> 5.3
> CVE-2022-2127
> samba
> 5.9
> CVE-2023-37464
> cjose
> 8.6
> CVE-2021-33294
> elfutils
> 2.5
> CVE-2020-23064
> doxygen
> 6.1
> CVE-2023-32001
> curl
> 5.5
> CVE-2022-22824
> firefox
> 9.8
> CVE-2022-22823
> firefox
> 9.8
> CVE-2022-22822
> firefox
> 9.8
>
>
> Bugfix:
> issue
> 仓库
> #I5SCLC:【20.03 SP3】selinux-policy卸载异常
> selinux-policy
> #I7M52S:【OLK-5.10】kmemleak in mpam_resctrl_cpu_online
> kernel
>
>
> openEuler-20.03-LTS-SP3版本编译构建信息查询链接:
> https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3
> https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol
>
> openEuler-20.03-LTS-SP3 Update版本 发布源链接:
> https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/
> https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/
>
> openEuler CVE及安全公告公示链接:
> https://www.openeuler.org/zh/security/cve/
> https://www.openeuler.org/zh/security/safety-bulletin/
> https://repo.openeuler.org/security/data/cvrf/
>
>
> openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
> 里程碑
> 任务ID
> 任务标题
> 优先级
> sig组
> 关联仓库
> openEuler 20.03 LTS SP3 update20220801
> I5LYJK
> 【20.03-sp3_update20220801】【x86】对内核版进行升级后,TCP_option_address安装异常
> 主要
> sig/Kernel
> TCP_option_address
> openEuler 20.03-LTS-SP3
> I5KXUY
> 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败
> 主要
> sig/oVirt
> ovirt-cockpit-sso
> openEuler-20.03-LTS-SP3
> I5KY4S
> 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败,导致mom-vdsm.service服务无法启动成功
> 主要
> sig/oVirt
> vdsm
> openEuler-20.03-LTS-SP3
> I72EAT
> 【20.03 SP3】php相关包在20.03 LTS SP3降级失败
> 主要
> sig/Base-service
> php
> openEuler 20.03LTS SP3 update220111
> I4QV7S
> 【openEuler-20.03-LTS-SP3】flink run 命令执行失败
> 无优先级
> sig/sig-ai-bigdata
> flink
> openEuler-20.03-LTS-SP3
> I6VFMI
> [20.03 SP3] [x86/arm] mariadb授权给远程用户,远程连接服务失败
> 次要
> sig/DB
> mariadb
> openEuler-20.03-LTS-SP3
> I72HWV
> 【20.03-lts-sp3】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败
> 次要
> sig/Base-service
> php
>
>
> openEuler-22.03-LTS Update 20230726
> 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS修复版本已知问题5个,已知漏洞10个。目前版本分支剩余待修复缺陷5个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
>
>
> openEuler-22.03-LTS Update版本CVE修复 及Bugfix list公示链接:
> https://gitee.com/openeuler/release-management/issues/I7NBS6?from=project-i…
>
> CVE修复:
> CVE
> 仓库
> score
> CVE-2023-33733
> python-reportlab
> 7.8
> CVE-2022-45886
> kernel
> 7.0
> CVE-2023-3390
> kernel
> 7.8
> CVE-2023-35001
> kernel
> 7.8
> CVE-2023-34966
> samba
> 7.5
> CVE-2023-34967
> samba
> 5.3
> CVE-2022-2127
> samba
> 5.9
> CVE-2023-3428
> ImageMagick
> 6.2
> CVE-2023-37464
> cjose
> 8.6
> CVE-2023-32001
> curl
> 5.5
>
>
> Bugfix:
> issue
> 仓库
> #I7I0TJ:libcurl 使用http代理场景下可能出现double free问题
> curl
> #I612UG:hulk昇腾特性补丁回合
> kernel
> #I7MBX6:upgrade to jdk11.0.20-ga
> openjdk-11
> #I7OE6Z:删除Obsoletes,取消包冲突
> zbar
> #I7OEV1:adwaita-qt spec中changelog中release错误
> adwaita-qt
>
>
> openEuler-22.03-LTS版本编译构建信息查询链接:
> https://build.openeuler.org/project/show/openEuler:22.03:LTS
> https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol
>
> openEuler-22.03-LTS Update版本 发布源链接:
> https://repo.openeuler.org/openEuler-22.03-LTS/update/
> https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/
> https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
> https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
> https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/ob…
>
> openEuler CVE 及 安全公告公示链接:
> https://www.openeuler.org/zh/security/cve/
> https://www.openeuler.org/zh/security/safety-bulletin/
> https://repo.openeuler.org/security/data/cvrf/
>
> openEuler-22.03-LTS Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
> 里程碑
> 任务ID
> 任务标题
> 优先级
> sig
> 关联仓库
> openEuler-22.03-LTS
> I5RHYO
> 【22.09 RC4】【arm/x86】package.ini中的redis_host配置为不存在的ip,重启pkgship服务失败,服务一直在尝试重启
> 主要
> sig/sig-EasyLife
> pkgship
> openEuler-22.03-LTS
> I7HH1A
> 【22.03 LTS update20230628】qemu缺少安装依赖,安装失败
> 主要
> sig/Virt
> qemu
> openEuler-22.03-LTS
> I6VFRX
> [22.03-LTS][x86/arm]mariadb授权给远程用户,远程连接服务失败
> 次要
> sig/DB
> mariadb
> openEuler-22.03-LTS
> I72N5G
> 【22.03-lts】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败
> 次要
> sig/Base-service
> php
> openEuler-22.03-LTS
> I5M4N4
> 【22.03 LTS update 20220811】【arm/x86】openstack-ironic-inspector-conductor.service服务start失败
> 次要
> sig/sig-openstack
> openstack-ironic-inspector
>
>
> openEuler-22.03-LTS-SP1 Update 20230726
> 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP1修复版本已知问题3个,已知漏洞14个。目前版本分支剩余待修复缺陷8个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
>
>
> openEuler-22.03-LTS SP1 Update版本CVE修复 及Bugfix list公示链接:
> https://gitee.com/openeuler/release-management/issues/I7NBS0?from=project-i…
>
>
> CVE修复:
> CVE
> 仓库
> score
> CVE-2023-37464
> cjose
> 8.6
> CVE-2023-33733
> python-reportlab
> 7.8
> CVE-2023-3428
> ImageMagick
> 6.2
> CVE-2023-34966
> samba
> 7.5
> CVE-2023-34967
> samba
> 5.3
> CVE-2023-3347
> samba
> 5.9
> CVE-2022-2127
> samba
> 5.9
> CVE-2022-45886
> kernel
> 7.0
> CVE-2023-3390
> kernel
> 7.8
> CVE-2023-35001
> kernel
> 7.8
> CVE-2023-32248
> kernel
> 1
> CVE-2023-32255
> kernel
> 1
> CVE-2023-3567
> kernel
> 1
> CVE-2023-32001
> curl
> 5.5
>
>
> Bugfix:
> issue
> 仓库
> #I7I0TJ:libcurl 使用http代理场景下可能出现double free问题
> curl
> #I7M991:【OLK-5.10】WARNING: refcount bug in addrconf_ifdown
> kernel
> #I7OEV1:adwaita-qt spec中changelog中release错误
> adwaita-qt
>
>
> openEuler-22.03-LTS SP1版本编译构建信息查询链接:
> https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1
> https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1:Ep…
>
> openEuler-22.03-LTS SP1 Update版本 发布源链接:
> https://repo.openeuler.org/openEuler-22.03-LTS-SP1/update/
> https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/main/
> https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
> https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
> https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
>
> openEuler CVE 及 安全公告公示链接:
> https://www.openeuler.org/zh/security/cve/
> https://www.openeuler.org/zh/security/safety-bulletin/
> https://repo.openeuler.org/security/data/cvrf/
>
> openEuler-22.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
> 序号
> 里程碑
> 任务ID
> 任务标题
> 优先级
> 标签
> 关联仓库
> 1
> openEuler-22.03-LTS-SP1
> I7LW30
> 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in wide_int_to_tree_1, at tree.c:1575)
> 主要
> sig/Compiler
> openEuler/gcc
> 2
> openEuler-22.03-LTS-SP1
> I7LWCW
> 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:internal compiler error: Segmentation fault
> 主要
> sig/Compiler
> openEuler/gcc
> 3
> openEuler-22.03-LTS-SP1
> I7LWK7
> 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4394)
> 主要
> sig/Compiler
> openEuler/gcc
> 4
> openEuler-22.03-LTS-SP1
> I7LWO1
> 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during RTL pass: expand(in convert_move, at expr.c:219)
> 主要
> sig/Compiler
> openEuler/gcc
> 5
> openEuler-22.03-LTS-SP1
> I7LX07
> 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4379)
> 主要
> sig/Compiler
> openEuler/gcc
> 6
> openEuler 22.03-SP1
> I6B4V1
> 【22.03 SP1 update 20230118】【arm】libhdfs在arm架构降级失败,x86正常
> 主要
> sig/bigdata
> src-openEuler/hadoop
> 7
> openEuler-22.03-LTS-SP1
> I6VFV6
> [22.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败
> 次要
> sig/DB
> src-openEuler/mariadb
> 8
> openEuler-22.03-LTS-SP1
> I73CKF
> 【22.03-lts-sp1】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败
> 次要
> sig/Base-service
> src-openEuler/php
>
>
>
>
> openEuler-22.03-LTS-SP2 Update 20230726
> 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP2修复版本已知问题4个,已知漏洞11个。目前版本分支剩余待修复缺陷3个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
>
> openEuler-22.03-LTS-SP2 Update版本CVE修复 及Bugfix list公示链接:
> https://gitee.com/openeuler/release-management/issues/I7NCCX?from=project-i…
>
>
> CVE修复:
> CVE
> 仓库
> score
> CVE-2023-33733
> python-reportlab
> 7.8
> CVE-2023-37464
> cjose
> 8.6
> CVE-2023-34966
> samba
> 7.5
> CVE-2023-34967
> samba
> 5.3
> CVE-2023-3347
> samba
> 5.9
> CVE-2022-2127
> samba
> 5.9
> CVE-2023-3428
> ImageMagick
> 6.2
> CVE-2022-45886
> kernel
> 7.0
> CVE-2023-3390
> kernel
> 7.8
> CVE-2023-35001
> kernel
> 7.8
> CVE-2023-32001
> curl
> 5.5
>
>
> Bugfix:
> issue
> 仓库
> #I7KF71:rpm包内文件遗漏
> A-FOT
> #I7I0TJ:libcurl 使用http代理场景下可能出现double free问题
> curl
> #I7M991:【OLK-5.10】WARNING: refcount bug in addrconf_ifdown
> kernel
> #I7OEV1:adwaita-qt spec中changelog中release错误
> adwaita-qt
>
>
> openEuler-22.03-LTS SP2版本编译构建信息查询链接:
> https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2
> https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2:Ep…
>
> openEuler-22.03-LTS SP2 Update版本 发布源链接:
> https://repo.openeuler.org/openEuler-22.03-LTS-SP2/update/
> https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/main/
> https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
> https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
>
> openEuler CVE 及 安全公告公示链接:
> https://www.openeuler.org/zh/security/cve/
> https://www.openeuler.org/zh/security/safety-bulletin/
> https://repo.openeuler.org/security/data/cvrf/
>
>
> openEuler-22.03-LTS-SP2 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
> 序号
> 里程碑
> 任务ID
> 任务标题
> 优先级
> 标签
> 关联仓库
> 1
> openEuler-22.03-LTS-SP2
> I7L3KF
> 【22.03 -LTS-SP2】安装libvirt软件包后,启动libvirtd有报错,并且会导致环境网络不通
> 严重
> sig/Virt,block
> src-openEuler/libvirt
> 2
> openEuler-22.03-LTS-SP2-round-2
> I795G3
> 【22.03-LTS-SP2 round2】本次转测源中出现多个版本的containers-common
> 主要
> sig/sig-CloudNative
> src-openEuler/skopeo
> 3
> openEuler-22.03-LTS-SP2-SEC
> I7AFIR
> 【22.03-LTS-SP2 round2】【x86/arm】libkae-1.2.10-6.oe2203sp2安全编译选项Rpath/Runpath不满足
> 主要
> sig/sig-AccLib
> src-openEuler/libkae
>
>
> 社区待修复漏洞:
> openEuler社区根据漏洞严重等级采取差异化的修复策略,请各个SIG 关注涉及CVE组件的修复情况。
> 严重等级(Severity Rating)
> 漏洞修复时长
> 致命(Critical)
> 7天
> 高(High)
> 14天
> 中(Medium)
> 30天
> 低(Low)
> 30天
>
> 可参考社区安全委员会漏洞:https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE…
>
> 近14天将超期CVE(7.22日数据):
> 漏洞编号
> Issue ID
> 剩余天数
> CVSS评分
> 软件包
> 责任SIG
> CVE-2023-38427
> I7LU2Q
> 5.58
> 9.8
> kernel
> Kernel
> CVE-2023-38429
> I7LU2I
> 5.58
> 9.8
> kernel
> Kernel
> CVE-2023-38432
> I7LU3O
> 5.58
> 9.1
> kernel
> Kernel
> CVE-2023-38428
> I7LU3D
> 5.58
> 9.1
> kernel
> Kernel
> CVE-2023-38430
> I7LU2S
> 5.58
> 9.1
> kernel
> Kernel
> CVE-2023-38426
> I7LU2N
> 5.58
> 9.1
> kernel
> Kernel
> CVE-2023-38431
> I7LU2G
> 5.58
> 9.1
> kernel
> Kernel
> CVE-2022-24834
> I7KR7L
> 11.06
> 8.8
> redis5
> sig-bigdata
> CVE-2022-24834
> I7KR7K
> 11.06
> 8.8
> redis
> Others
> CVE-2022-24834
> I7KR7J
> 11.06
> 8.8
> python-redis
> Base-service
> CVE-2023-37650
> I7OB2V
> 12.06
> 8.8
> cockpit
> Desktop
> CVE-2023-37460
> I7NYZD
> 11.06
> 8.1
> plexus-archiver
> sig-Java
> CVE-2023-1902
> I7K4AS
> 2.56
> 8.0
> zephyr
> sig-Zephyr
> CVE-2023-3776
> I7N3N3
> 7.06
> 7.8
> kernel
> Kernel
> CVE-2023-3609
> I7N3N2
> 7.06
> 7.8
> kernel
> Kernel
> CVE-2023-3610
> I7N3N1
> 7.06
> 7.8
> kernel
> Kernel
> CVE-2023-3611
> I7N3MX
> 7.06
> 7.8
> kernel
> Kernel
> CVE-2023-21255
> I7L0Z9
> 10.56
> 7.8
> kernel
> Kernel
> CVE-2023-0664
> I6GQEK
> 11.56
> 7.8
> qemu
> Virt
> CVE-2023-3812
> I7MRMH
> 12.58
> 7.8
> kernel
> Kernel
> CVE-2022-33064
> I7M5IV
> 12.58
> 7.8
> libsndfile
> Computing
> CVE-2019-9024
> I7MED5
> 4.56
> 7.5
> php
> Base-service
> CVE-2023-29451
> I7NYXP
> 10.49
> 7.5
> zabbix
> Base-service
> CVE-2023-38197
> I7KUEO
> 10.56
> 7.5
> qt
> Runtime
> CVE-2023-37920
> I7NYZI
> 11.06
> 7.5
> python-certifi
> sig-python-modules
> CVE-2021-31294
> I7LFQT
> 11.06
> 7.5
> redis6
> sig-bigdata
> CVE-2021-31294
> I7LFQS
> 11.06
> 7.5
> redis5
> sig-bigdata
> CVE-2021-31294
> I7LFQQ
> 11.56
> 7.5
> redis
> Others
> CVE-2021-31294
> I7LFQO
> 11.56
> 7.5
> python-redis
> Base-service
> CVE-2023-37649
> I7OB2W
> 12.06
> 7.5
> cockpit
> Desktop
> CVE-2022-41409
> I7OGVS
> 12.58
> 7.5
> pcre2
> Base-service
> CVE-2023-2234
> I7K4AU
> 12.06
> 6.8
> zephyr
> sig-Zephyr
> CVE-2023-37207
> I7IG0Q
> 12.56
> 6.5
> thunderbird
> sig-desktop-apps
> CVE-2022-42009
> I7K4BF
> 12.06
> 6.3
> ambari
> sig-bigdata
> CVE-2022-45855
> I7K4B5
> 12.06
> 6.3
> ambari
> sig-bigdata
> CVE-2023-0359
> I7K4AV
> 12.06
> 5.9
> zephyr
> sig-Zephyr
> CVE-2023-36191
> I7FEZH
> 1.56
> 5.5
> sqlite
> DB
> CVE-2023-36146
> I7H9RK
> 9.06
> 5.4
> raspberrypi-firmware
> sig-RaspberryPi
> CVE-2021-28163
> I7K14F
> 11.81
> 2.7
> jetty
> sig-Java
>
>
>
>
> openEuler 社区指导文档及开放平台链接:
>
>
> openEuler 版本分支维护规范:
> https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%…
> openEuler release-management 版本分支PR指导:
> https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%…
> 社区QA 版本测试提单规范
> https://gitee.com/openeuler/QA/blob/master/%E7%A4%BE%E5%8C%BA%E7%89%88%E6%9…
> 社区QA 测试平台 radiates
> https://radiatest.openeuler.org<https://radiatest.openeuler.org/>
>
>
>
>
>
>
>
>
1
0
主题: openEuler update_20230726版本发布公告
Dear all,
经社区Release SIG、QA SIG及 CICD SIG 评估,openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3、openEuler-22.03-LTS、openEuler-22.03-LTS-SP1及openEuler-22.03-LTS-SP2 update版本满足版本出口质量,现进行发布公示。
本公示分为七部分:
1、openEuler-20.03-LTS-SP1 Update 20230726发布情况及待修复缺陷
2、openEuler-20.03-LTS-SP3 Update 20230726发布情况及待修复缺陷
3、openEuler-22.03-LTS Update 20230726发布情况及待修复缺陷
4、openEuler-22.03-LTS-SP1 Update 20230726发布情况及待修复缺陷
5、openEuler-22.03-LTS-SP2 Update 20230726发布情况及待修复缺陷
6、openEuler 关键组件待修复CVE 清单
7、openEuler 社区指导文档及开放平台链接
本次update版本发布后,下一个版本里程碑点(预计在2023/08/02)提供 update_ 20230804 版本。
openEuler-20.03-LTS-SP1 Update 20230726
经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP1修复版本已知问题2个,已知漏洞16个。目前版本分支剩余待修复缺陷20个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-20.03-LTS-SP1 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7NBS3?from=project-i…
CVE修复:
CVE
仓库
score
CVE-2021-33294
elfutils
2.5
CVE-2023-33733
python-reportlab
7.8
CVE-2022-45886
kernel
7.0
CVE-2023-3390
kernel
7.8
CVE-2023-35001
kernel
7.8
CVE-2023-34966
samba
7.5
CVE-2023-34967
samba
5.3
CVE-2022-2127
samba
5.9
CVE-2023-37464
cjose
8.6
CVE-2023-3428
ImageMagick
6.2
CVE-2023-3611
kernel
7.8
CVE-2020-23064
doxygen
6.1
CVE-2023-32001
curl
5.5
CVE-2022-22824
firefox
9.8
CVE-2022-22823
firefox
9.8
CVE-2022-22822
firefox
9.8
Bugfix:
issue
仓库
#I5G81X:【20.03 SP1】selinux-policy卸载异常
selinux-policy
#I7M52S:【OLK-5.10】kmemleak in mpam_resctrl_cpu_online
kernel
openEuler-20.03-LTS-SP1版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol
openEuler-20.03-LTS-SP1 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/
openEuler CVE 及安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
里程碑
任务ID
任务标题
优先级
sig组
关联仓库
openEuler 20.03-LTS-SP1
I4J0OY
【20.03 SP1】【arm/x86】安装好libdap后,getdap4命令的-i和-k参数使用异常
主要
sig/sig-recycle
libdap
openEuler 20.03-LTS-SP1
I4JMG4
【20.03 SP1】【arm/x86】robotframework包的三个命令:libdoc、rebot、robot执行--help/-h/-?/--version,查看帮助信息和版本信息,返回值为251
主要
sig/sig-ROS
python-robotframework
openEuler 20.03-LTS-SP1
I5DLX7
[20.03 22.03] 管理员指南操作文档mysql服务搭建指导文档有误
主要
sig/doc
docs
openEuler 20.03LTS SP1 update2103
I3E5C1
【20.03-SP1】【arm/x86】服务启动失败
主要
sig/bigdata
hadoop
openEuler 20.03LTS SP1 update210901
I48GIM
【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败
主要
sig/oVirt
ovirt-cockpit-sso
openEuler 20.03-LTS-SP1
I6VFAE
[20.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败
次要
sig/DB
mariadb
openEuler 20.03-LTS-SP1
I4G4A5
Undefine-shift in _bfd_safe_read_leb128
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4B1
Integer overflow in print_vms_time
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4VY
memleak in parse_gnu_debugaltlink
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4WF
Heap-buffer-overflow in slurp_hppa_unwind_table
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4WW
Use-after-free in make_qualified_name
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4X6
memleak in byte_get_little_endian
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4XF
memleak in process_mips_specific
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4Y0
out-of-memory in vms_lib_read_index
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4YJ
Heap-buffer-overflow in bfd_getl16
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4YV
Floating point exception in _bfd_vms_slurp_etir
无优先级
sig/Base-service
binutils
openEuler 20.03LTS SP1 update210926
I4CMSV
【20.03-LTS-SP1】【arm/x86】搭建Kubernetes 集群缺少包etcd
无优先级
sig/TC
community
openEuler 20.03LTS SP1 update220111
I4QV6N
【openEuler-20.03-LTS-SP1】flink命令执行失败
无优先级
sig/sig-ai-bigdata
flink
openEuler-20.03-LTS-SP1
I3QGU7
系统不支持GB18030
无优先级
sig/TC
community
openEuler-20.03-LTS-SP1-dailybuild
I5Y99T
mate-desktop install problem in openEuler:20:03:LTS:SP1
无优先级
sig/sig-mate-desktop
mate-desktop
openEuler-20.03-LTS-SP3 Update 20230726
经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP3修复版本已知问2个,已知漏洞15个。目前版本分支剩余待修复缺陷 7个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-20.03-LTS-SP3 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7NBS4?from=project-i…
CVE修复:
CVE
仓库
score
CVE-2023-33733
python-reportlab
7.8
CVE-2022-45886
kernel
7.0
CVE-2023-3390
kernel
7.8
CVE-2023-35001
kernel
7.8
CVE-2023-3428
ImageMagick
6.2
CVE-2023-34966
samba
7.5
CVE-2023-34967
samba
5.3
CVE-2022-2127
samba
5.9
CVE-2023-37464
cjose
8.6
CVE-2021-33294
elfutils
2.5
CVE-2020-23064
doxygen
6.1
CVE-2023-32001
curl
5.5
CVE-2022-22824
firefox
9.8
CVE-2022-22823
firefox
9.8
CVE-2022-22822
firefox
9.8
Bugfix:
issue
仓库
#I5SCLC:【20.03 SP3】selinux-policy卸载异常
selinux-policy
#I7M52S:【OLK-5.10】kmemleak in mpam_resctrl_cpu_online
kernel
openEuler-20.03-LTS-SP3版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol
openEuler-20.03-LTS-SP3 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/
openEuler CVE及安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
里程碑
任务ID
任务标题
优先级
sig组
关联仓库
openEuler 20.03 LTS SP3 update20220801
I5LYJK
【20.03-sp3_update20220801】【x86】对内核版进行升级后,TCP_option_address安装异常
主要
sig/Kernel
TCP_option_address
openEuler 20.03-LTS-SP3
I5KXUY
【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败
主要
sig/oVirt
ovirt-cockpit-sso
openEuler-20.03-LTS-SP3
I5KY4S
【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败,导致mom-vdsm.service服务无法启动成功
主要
sig/oVirt
vdsm
openEuler-20.03-LTS-SP3
I72EAT
【20.03 SP3】php相关包在20.03 LTS SP3降级失败
主要
sig/Base-service
php
openEuler 20.03LTS SP3 update220111
I4QV7S
【openEuler-20.03-LTS-SP3】flink run 命令执行失败
无优先级
sig/sig-ai-bigdata
flink
openEuler-20.03-LTS-SP3
I6VFMI
[20.03 SP3] [x86/arm] mariadb授权给远程用户,远程连接服务失败
次要
sig/DB
mariadb
openEuler-20.03-LTS-SP3
I72HWV
【20.03-lts-sp3】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败
次要
sig/Base-service
php
openEuler-22.03-LTS Update 20230726
经各SIG及社区开发者贡献,本周openEuler-22.03-LTS修复版本已知问题5个,已知漏洞10个。目前版本分支剩余待修复缺陷5个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-22.03-LTS Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7NBS6?from=project-i…
CVE修复:
CVE
仓库
score
CVE-2023-33733
python-reportlab
7.8
CVE-2022-45886
kernel
7.0
CVE-2023-3390
kernel
7.8
CVE-2023-35001
kernel
7.8
CVE-2023-34966
samba
7.5
CVE-2023-34967
samba
5.3
CVE-2022-2127
samba
5.9
CVE-2023-3428
ImageMagick
6.2
CVE-2023-37464
cjose
8.6
CVE-2023-32001
curl
5.5
Bugfix:
issue
仓库
#I7I0TJ:libcurl 使用http代理场景下可能出现double free问题
curl
#I612UG:hulk昇腾特性补丁回合
kernel
#I7MBX6:upgrade to jdk11.0.20-ga
openjdk-11
#I7OE6Z:删除Obsoletes,取消包冲突
zbar
#I7OEV1:adwaita-qt spec中changelog中release错误
adwaita-qt
openEuler-22.03-LTS版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:22.03:LTS
https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol
openEuler-22.03-LTS Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS/update/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/ob…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
里程碑
任务ID
任务标题
优先级
sig
关联仓库
openEuler-22.03-LTS
I5RHYO
【22.09 RC4】【arm/x86】package.ini中的redis_host配置为不存在的ip,重启pkgship服务失败,服务一直在尝试重启
主要
sig/sig-EasyLife
pkgship
openEuler-22.03-LTS
I7HH1A
【22.03 LTS update20230628】qemu缺少安装依赖,安装失败
主要
sig/Virt
qemu
openEuler-22.03-LTS
I6VFRX
[22.03-LTS][x86/arm]mariadb授权给远程用户,远程连接服务失败
次要
sig/DB
mariadb
openEuler-22.03-LTS
I72N5G
【22.03-lts】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败
次要
sig/Base-service
php
openEuler-22.03-LTS
I5M4N4
【22.03 LTS update 20220811】【arm/x86】openstack-ironic-inspector-conductor.service服务start失败
次要
sig/sig-openstack
openstack-ironic-inspector
openEuler-22.03-LTS-SP1 Update 20230726
经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP1修复版本已知问题3个,已知漏洞14个。目前版本分支剩余待修复缺陷8个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-22.03-LTS SP1 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7NBS0?from=project-i…
CVE修复:
CVE
仓库
score
CVE-2023-37464
cjose
8.6
CVE-2023-33733
python-reportlab
7.8
CVE-2023-3428
ImageMagick
6.2
CVE-2023-34966
samba
7.5
CVE-2023-34967
samba
5.3
CVE-2023-3347
samba
5.9
CVE-2022-2127
samba
5.9
CVE-2022-45886
kernel
7.0
CVE-2023-3390
kernel
7.8
CVE-2023-35001
kernel
7.8
CVE-2023-32248
kernel
1
CVE-2023-32255
kernel
1
CVE-2023-3567
kernel
1
CVE-2023-32001
curl
5.5
Bugfix:
issue
仓库
#I7I0TJ:libcurl 使用http代理场景下可能出现double free问题
curl
#I7M991:【OLK-5.10】WARNING: refcount bug in addrconf_ifdown
kernel
#I7OEV1:adwaita-qt spec中changelog中release错误
adwaita-qt
openEuler-22.03-LTS SP1版本编译构建信息查询链接:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1:Ep…
openEuler-22.03-LTS SP1 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
序号
里程碑
任务ID
任务标题
优先级
标签
关联仓库
1
openEuler-22.03-LTS-SP1
I7LW30
【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in wide_int_to_tree_1, at tree.c:1575)
主要
sig/Compiler
openEuler/gcc
2
openEuler-22.03-LTS-SP1
I7LWCW
【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:internal compiler error: Segmentation fault
主要
sig/Compiler
openEuler/gcc
3
openEuler-22.03-LTS-SP1
I7LWK7
【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4394)
主要
sig/Compiler
openEuler/gcc
4
openEuler-22.03-LTS-SP1
I7LWO1
【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during RTL pass: expand(in convert_move, at expr.c:219)
主要
sig/Compiler
openEuler/gcc
5
openEuler-22.03-LTS-SP1
I7LX07
【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4379)
主要
sig/Compiler
openEuler/gcc
6
openEuler 22.03-SP1
I6B4V1
【22.03 SP1 update 20230118】【arm】libhdfs在arm架构降级失败,x86正常
主要
sig/bigdata
src-openEuler/hadoop
7
openEuler-22.03-LTS-SP1
I6VFV6
[22.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败
次要
sig/DB
src-openEuler/mariadb
8
openEuler-22.03-LTS-SP1
I73CKF
【22.03-lts-sp1】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败
次要
sig/Base-service
src-openEuler/php
openEuler-22.03-LTS-SP2 Update 20230726
经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP2修复版本已知问题4个,已知漏洞11个。目前版本分支剩余待修复缺陷3个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-22.03-LTS-SP2 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7NCCX?from=project-i…
CVE修复:
CVE
仓库
score
CVE-2023-33733
python-reportlab
7.8
CVE-2023-37464
cjose
8.6
CVE-2023-34966
samba
7.5
CVE-2023-34967
samba
5.3
CVE-2023-3347
samba
5.9
CVE-2022-2127
samba
5.9
CVE-2023-3428
ImageMagick
6.2
CVE-2022-45886
kernel
7.0
CVE-2023-3390
kernel
7.8
CVE-2023-35001
kernel
7.8
CVE-2023-32001
curl
5.5
Bugfix:
issue
仓库
#I7KF71:rpm包内文件遗漏
A-FOT
#I7I0TJ:libcurl 使用http代理场景下可能出现double free问题
curl
#I7M991:【OLK-5.10】WARNING: refcount bug in addrconf_ifdown
kernel
#I7OEV1:adwaita-qt spec中changelog中release错误
adwaita-qt
openEuler-22.03-LTS SP2版本编译构建信息查询链接:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2:Ep…
openEuler-22.03-LTS SP2 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS-SP2 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
序号
里程碑
任务ID
任务标题
优先级
标签
关联仓库
1
openEuler-22.03-LTS-SP2
I7L3KF
【22.03 -LTS-SP2】安装libvirt软件包后,启动libvirtd有报错,并且会导致环境网络不通
严重
sig/Virt,block
src-openEuler/libvirt
2
openEuler-22.03-LTS-SP2-round-2
I795G3
【22.03-LTS-SP2 round2】本次转测源中出现多个版本的containers-common
主要
sig/sig-CloudNative
src-openEuler/skopeo
3
openEuler-22.03-LTS-SP2-SEC
I7AFIR
【22.03-LTS-SP2 round2】【x86/arm】libkae-1.2.10-6.oe2203sp2安全编译选项Rpath/Runpath不满足
主要
sig/sig-AccLib
src-openEuler/libkae
社区待修复漏洞:
openEuler社区根据漏洞严重等级采取差异化的修复策略,请各个SIG 关注涉及CVE组件的修复情况。
严重等级(Severity Rating)
漏洞修复时长
致命(Critical)
7天
高(High)
14天
中(Medium)
30天
低(Low)
30天
可参考社区安全委员会漏洞:https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE…
近14天将超期CVE(7.22日数据):
漏洞编号
Issue ID
剩余天数
CVSS评分
软件包
责任SIG
CVE-2023-38427
I7LU2Q
5.58
9.8
kernel
Kernel
CVE-2023-38429
I7LU2I
5.58
9.8
kernel
Kernel
CVE-2023-38432
I7LU3O
5.58
9.1
kernel
Kernel
CVE-2023-38428
I7LU3D
5.58
9.1
kernel
Kernel
CVE-2023-38430
I7LU2S
5.58
9.1
kernel
Kernel
CVE-2023-38426
I7LU2N
5.58
9.1
kernel
Kernel
CVE-2023-38431
I7LU2G
5.58
9.1
kernel
Kernel
CVE-2022-24834
I7KR7L
11.06
8.8
redis5
sig-bigdata
CVE-2022-24834
I7KR7K
11.06
8.8
redis
Others
CVE-2022-24834
I7KR7J
11.06
8.8
python-redis
Base-service
CVE-2023-37650
I7OB2V
12.06
8.8
cockpit
Desktop
CVE-2023-37460
I7NYZD
11.06
8.1
plexus-archiver
sig-Java
CVE-2023-1902
I7K4AS
2.56
8.0
zephyr
sig-Zephyr
CVE-2023-3776
I7N3N3
7.06
7.8
kernel
Kernel
CVE-2023-3609
I7N3N2
7.06
7.8
kernel
Kernel
CVE-2023-3610
I7N3N1
7.06
7.8
kernel
Kernel
CVE-2023-3611
I7N3MX
7.06
7.8
kernel
Kernel
CVE-2023-21255
I7L0Z9
10.56
7.8
kernel
Kernel
CVE-2023-0664
I6GQEK
11.56
7.8
qemu
Virt
CVE-2023-3812
I7MRMH
12.58
7.8
kernel
Kernel
CVE-2022-33064
I7M5IV
12.58
7.8
libsndfile
Computing
CVE-2019-9024
I7MED5
4.56
7.5
php
Base-service
CVE-2023-29451
I7NYXP
10.49
7.5
zabbix
Base-service
CVE-2023-38197
I7KUEO
10.56
7.5
qt
Runtime
CVE-2023-37920
I7NYZI
11.06
7.5
python-certifi
sig-python-modules
CVE-2021-31294
I7LFQT
11.06
7.5
redis6
sig-bigdata
CVE-2021-31294
I7LFQS
11.06
7.5
redis5
sig-bigdata
CVE-2021-31294
I7LFQQ
11.56
7.5
redis
Others
CVE-2021-31294
I7LFQO
11.56
7.5
python-redis
Base-service
CVE-2023-37649
I7OB2W
12.06
7.5
cockpit
Desktop
CVE-2022-41409
I7OGVS
12.58
7.5
pcre2
Base-service
CVE-2023-2234
I7K4AU
12.06
6.8
zephyr
sig-Zephyr
CVE-2023-37207
I7IG0Q
12.56
6.5
thunderbird
sig-desktop-apps
CVE-2022-42009
I7K4BF
12.06
6.3
ambari
sig-bigdata
CVE-2022-45855
I7K4B5
12.06
6.3
ambari
sig-bigdata
CVE-2023-0359
I7K4AV
12.06
5.9
zephyr
sig-Zephyr
CVE-2023-36191
I7FEZH
1.56
5.5
sqlite
DB
CVE-2023-36146
I7H9RK
9.06
5.4
raspberrypi-firmware
sig-RaspberryPi
CVE-2021-28163
I7K14F
11.81
2.7
jetty
sig-Java
openEuler 社区指导文档及开放平台链接:
openEuler 版本分支维护规范:
https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%…
openEuler release-management 版本分支PR指导:
https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%…
社区QA 版本测试提单规范
https://gitee.com/openeuler/QA/blob/master/%E7%A4%BE%E5%8C%BA%E7%89%88%E6%9…
社区QA 测试平台 radiates
https://radiatest.openeuler.org<https://radiatest.openeuler.org/>
1
0
1. 龙芯全量版本确认测试策略:主要是细节确认,包含特性对应的测试用例如何确认?
2. 龙芯全量版本测试支持:社区QA测试能够支持哪些?怎么参与?
2
1
背景:
gcc-7、lld、openmp引入openEuler 22.03.LTS.SP1。解决7.14号release sig的遗留问题:需要qa sig组检视测试报告。
1
0
主题: openEuler update_20230719版本发布公告
Dear all,
经社区Release SIG、QA SIG及 CICD SIG 评估,openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3、openEuler-22.03-LTS、openEuler-22.03-LTS-SP1及openEuler-22.03-LTS-SP2 update版本满足版本出口质量,现进行发布公示。
本公示分为七部分:
1、openEuler-20.03-LTS-SP1 Update 20230719发布情况及待修复缺陷
2、openEuler-20.03-LTS-SP3 Update 20230719发布情况及待修复缺陷
3、openEuler-22.03-LTS Update 20230719发布情况及待修复缺陷
4、openEuler-22.03-LTS-SP1 Update 20230719发布情况及待修复缺陷
5、openEuler-22.03-LTS-SP2 Update 20230719发布情况及待修复缺陷
6、openEuler 关键组件待修复CVE 清单
7、openEuler 社区指导文档及开放平台链接
本次update版本发布后,下一个版本里程碑点(预计在2023/07/28)提供 update_ 20230726 版本。
openEuler-20.03-LTS-SP1 Update 20230719
经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP1修复版本已知问题1个,已知漏洞8个。目前版本分支剩余待修复缺陷20个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-20.03-LTS-SP1 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7LJ8E?from=project-i…
CVE修复:
CVE
仓库
score
CVE-2023-3220
kernel
5.5
CVE-2023-3358
kernel
5.5
CVE-2023-1295
kernel
7.0
CVE-2023-3090
kernel
7.8
CVE-2023-3338
kernel
7.5
CVE-2023-3117
kernel
7.8
CVE-2023-36053
python-django
7.5
CVE-2023-3576
libtiff
5.5
Bugfix:
issue
仓库
#I7GDLI:qemu-img conver 报错 Device or resource busy
kernel
openEuler-20.03-LTS-SP1版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol
openEuler-20.03-LTS-SP1 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/
openEuler CVE 及安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
里程碑
任务ID
任务标题
优先级
sig组
关联仓库
openEuler 20.03-LTS-SP1
I4J0OY
【20.03 SP1】【arm/x86】安装好libdap后,getdap4命令的-i和-k参数使用异常
主要
sig/sig-recycle
libdap
openEuler 20.03-LTS-SP1
I4JMG4
【20.03 SP1】【arm/x86】robotframework包的三个命令:libdoc、rebot、robot执行--help/-h/-?/--version,查看帮助信息和版本信息,返回值为251
主要
sig/sig-ROS
python-robotframework
openEuler 20.03-LTS-SP1
I5DLX7
[20.03 22.03] 管理员指南操作文档mysql服务搭建指导文档有误
主要
sig/doc
docs
openEuler 20.03LTS SP1 update2103
I3E5C1
【20.03-SP1】【arm/x86】服务启动失败
主要
sig/bigdata
hadoop
openEuler 20.03LTS SP1 update210901
I48GIM
【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败
主要
sig/oVirt
ovirt-cockpit-sso
openEuler 20.03-LTS-SP1
I6VFAE
[20.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败
次要
sig/DB
mariadb
openEuler 20.03-LTS-SP1
I4G4A5
Undefine-shift in _bfd_safe_read_leb128
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4B1
Integer overflow in print_vms_time
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4VY
memleak in parse_gnu_debugaltlink
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4WF
Heap-buffer-overflow in slurp_hppa_unwind_table
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4WW
Use-after-free in make_qualified_name
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4X6
memleak in byte_get_little_endian
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4XF
memleak in process_mips_specific
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4Y0
out-of-memory in vms_lib_read_index
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4YJ
Heap-buffer-overflow in bfd_getl16
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4YV
Floating point exception in _bfd_vms_slurp_etir
无优先级
sig/Base-service
binutils
openEuler 20.03LTS SP1 update210926
I4CMSV
【20.03-LTS-SP1】【arm/x86】搭建Kubernetes 集群缺少包etcd
无优先级
sig/TC
community
openEuler 20.03LTS SP1 update220111
I4QV6N
【openEuler-20.03-LTS-SP1】flink命令执行失败
无优先级
sig/sig-ai-bigdata
flink
openEuler-20.03-LTS-SP1
I3QGU7
系统不支持GB18030
无优先级
sig/TC
community
openEuler-20.03-LTS-SP1-dailybuild
I5Y99T
mate-desktop install problem in openEuler:20:03:LTS:SP1
无优先级
sig/sig-mate-desktop
mate-desktop
openEuler-20.03-LTS-SP3 Update 20230719
经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP3修复版本已知问2个,已知漏洞8个。目前版本分支剩余待修复缺陷 7个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-20.03-LTS-SP3 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7LJ8F?from=project-i…
CVE修复:
CVE
仓库
score
CVE-2023-3576
libtiff
5.5
CVE-2023-3220
kernel
5.5
CVE-2023-3358
kernel
5.5
CVE-2023-1295
kernel
7.0
CVE-2023-3090
kernel
7.8
CVE-2023-3338
kernel
7.5
CVE-2023-3117
kernel
7.8
CVE-2023-36053
python-django
7.5
Bugfix:
issue
仓库
#I7LSRL:TPCM 解决shim与ipmi通讯时,传输的宽字符无法别正确解析的问题
shim
#I7GDLI:qemu-img conver 报错 Device or resource busy
kernel
openEuler-20.03-LTS-SP3版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol
openEuler-20.03-LTS-SP3 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/
openEuler CVE及安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
里程碑
任务ID
任务标题
优先级
sig组
关联仓库
openEuler 20.03 LTS SP3 update20220801
I5LYJK
【20.03-sp3_update20220801】【x86】对内核版进行升级后,TCP_option_address安装异常
主要
sig/Kernel
TCP_option_address
openEuler 20.03-LTS-SP3
I5KXUY
【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败
主要
sig/oVirt
ovirt-cockpit-sso
openEuler-20.03-LTS-SP3
I5KY4S
【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败,导致mom-vdsm.service服务无法启动成功
主要
sig/oVirt
vdsm
openEuler-20.03-LTS-SP3
I72EAT
【20.03 SP3】php相关包在20.03 LTS SP3降级失败
主要
sig/Base-service
php
openEuler 20.03LTS SP3 update220111
I4QV7S
【openEuler-20.03-LTS-SP3】flink run 命令执行失败
无优先级
sig/sig-ai-bigdata
flink
openEuler-20.03-LTS-SP3
I6VFMI
[20.03 SP3] [x86/arm] mariadb授权给远程用户,远程连接服务失败
次要
sig/DB
mariadb
openEuler-20.03-LTS-SP3
I72HWV
【20.03-lts-sp3】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败
次要
sig/Base-service
php
openEuler-22.03-LTS Update 20230719
经各SIG及社区开发者贡献,本周openEuler-22.03-LTS修复版本已知问题1个,已知漏洞9个。目前版本分支剩余待修复缺陷5个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-22.03-LTS Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7LJ8H?from=project-i…
CVE修复:
CVE
仓库
score
CVE-2023-3576
libtiff
5.5
CVE-2023-36053
python-django
7.5
CVE-2023-3358
kernel
5.5
CVE-2023-1295
kernel
7.0
CVE-2023-3090
kernel
7.8
CVE-2023-3220
kernel
5.5
CVE-2023-3338
kernel
7.5
CVE-2023-3117
kernel
7.8
CVE-2023-31248
kernel
7.8
Bugfix:
issue
仓库
#I7JHOA: loop: loop_set_status_from_info() check before assignment
kernel
openEuler-22.03-LTS版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:22.03:LTS
https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol
openEuler-22.03-LTS Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS/update/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/ob…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
里程碑
任务ID
任务标题
优先级
sig
关联仓库
openEuler-22.03-LTS
I5RHYO
【22.09 RC4】【arm/x86】package.ini中的redis_host配置为不存在的ip,重启pkgship服务失败,服务一直在尝试重启
主要
sig/sig-EasyLife
pkgship
openEuler-22.03-LTS
I7HH1A
【22.03 LTS update20230628】qemu缺少安装依赖,安装失败
主要
sig/Virt
qemu
openEuler-22.03-LTS
I6VFRX
[22.03-LTS][x86/arm]mariadb授权给远程用户,远程连接服务失败
次要
sig/DB
mariadb
openEuler-22.03-LTS
I72N5G
【22.03-lts】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败
次要
sig/Base-service
php
openEuler-22.03-LTS
I5M4N4
【22.03 LTS update 20220811】【arm/x86】openstack-ironic-inspector-conductor.service服务start失败
次要
sig/sig-openstack
openstack-ironic-inspector
openEuler-22.03-LTS-SP1 Update 20230719
经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP1修复版本已知问题1个,已知漏洞9个。目前版本分支剩余待修复缺陷8个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-22.03-LTS SP1 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7LJ8D?from=project-i…
CVE修复:
CVE
仓库
score
CVE-2023-3576
libtiff
5.5
CVE-2023-3358
kernel
5.5
CVE-2023-1295
kernel
7.0
CVE-2023-3090
kernel
7.8
CVE-2023-3220
kernel
5.5
CVE-2023-3338
kernel
7.5
CVE-2023-3117
kernel
7.8
CVE-2023-31248
kernel
7.8
CVE-2023-36053
python-django
7.5
Bugfix:
issue
仓库
#I7JHOA: loop: loop_set_status_from_info() check before assignment
kernel
openEuler-22.03-LTS SP1版本编译构建信息查询链接:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1:Ep…
openEuler-22.03-LTS SP1 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
序号
里程碑
任务ID
任务标题
优先级
标签
关联仓库
1
openEuler-22.03-LTS-SP1
I7LW30
【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in wide_int_to_tree_1, at tree.c:1575)
主要
sig/Compiler
openEuler/gcc
2
openEuler-22.03-LTS-SP1
I7LWCW
【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:internal compiler error: Segmentation fault
主要
sig/Compiler
openEuler/gcc
3
openEuler-22.03-LTS-SP1
I7LWK7
【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4394)
主要
sig/Compiler
openEuler/gcc
4
openEuler-22.03-LTS-SP1
I7LWO1
【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during RTL pass: expand(in convert_move, at expr.c:219)
主要
sig/Compiler
openEuler/gcc
5
openEuler-22.03-LTS-SP1
I7LX07
【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4379)
主要
sig/Compiler
openEuler/gcc
6
openEuler 22.03-SP1
I6B4V1
【22.03 SP1 update 20230118】【arm】libhdfs在arm架构降级失败,x86正常
主要
sig/bigdata
src-openEuler/hadoop
7
openEuler-22.03-LTS-SP1
I6VFV6
[22.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败
次要
sig/DB
src-openEuler/mariadb
8
openEuler-22.03-LTS-SP1
I73CKF
【22.03-lts-sp1】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败
次要
sig/Base-service
src-openEuler/php
openEuler-22.03-LTS-SP2 Update 20230719
经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP2修复版本已知问题1个,已知漏洞9个。目前版本分支剩余待修复缺陷3个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-22.03-LTS-SP2 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7LM0A?from=project-i…
CVE修复:
CVE
仓库
score
CVE-2023-3576
libtiff
5.5
CVE-2023-3358
kernel
5.5
CVE-2023-3090
kernel
7.8
CVE-2023-3220
kernel
5.5
CVE-2023-3389
kernel
7.8
CVE-2023-3338
kernel
7.5
CVE-2023-3117
kernel
7.8
CVE-2023-31248
kernel
7.8
CVE-2023-36053
python-django
7.5
Bugfix:
issue
仓库
#I7JHOA: loop: loop_set_status_from_info() check before assignment
kernel
openEuler-22.03-LTS SP2版本编译构建信息查询链接:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2:Ep…
openEuler-22.03-LTS SP2 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS-SP2 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
序号
里程碑
任务ID
任务标题
优先级
标签
关联仓库
1
openEuler-22.03-LTS-SP2
I7L3KF
【22.03 -LTS-SP2】安装libvirt软件包后,启动libvirtd有报错,并且会导致环境网络不通
严重
sig/Virt,block
src-openEuler/libvirt
2
openEuler-22.03-LTS-SP2-round-2
I795G3
【22.03-LTS-SP2 round2】本次转测源中出现多个版本的containers-common
主要
sig/sig-CloudNative
src-openEuler/skopeo
3
openEuler-22.03-LTS-SP2-SEC
I7AFIR
【22.03-LTS-SP2 round2】【x86/arm】libkae-1.2.10-6.oe2203sp2安全编译选项Rpath/Runpath不满足
主要
sig/sig-AccLib
src-openEuler/libkae
社区待修复漏洞:
openEuler社区根据漏洞严重等级采取差异化的修复策略,请各个SIG 关注涉及CVE组件的修复情况。
严重等级(Severity Rating)
漏洞修复时长
致命(Critical)
7天
高(High)
14天
中(Medium)
30天
低(Low)
30天
可参考社区安全委员会漏洞:https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE…
近14天将超期CVE(7.22日数据):
漏洞编号
Issue ID
剩余天数
CVSS评分
软件包
责任SIG
CVE-2019-9020
I7MEEK
4.76
9.8
php
Base-service
CVE-2019-9023
I7MEDM
4.76
9.8
php
Base-service
CVE-2023-37211
I7IG0R
3.76
8.8
thunderbird
sig-desktop-apps
CVE-2023-37202
I7IG0E
3.76
8.8
thunderbird
sig-desktop-apps
CVE-2023-37201
I7IG06
3.76
8.8
thunderbird
sig-desktop-apps
CVE-2023-37464
I7LBRI
7.21
8.6
cjose
Application
CVE-2023-29450
I7L1GC
5.76
8.5
zabbix
Base-service
CVE-2023-32254
I74FNQ
10.26
8.1
risc-v-kernel
sig-RISC-V
CVE-2023-32250
I74FJM
10.26
8.1
risc-v-kernel
sig-RISC-V
CVE-2023-1901
I7K4AT
6.76
8.0
zephyr
sig-Zephyr
CVE-2023-1902
I7K4AS
9.76
8.0
zephyr
sig-Zephyr
CVE-2023-3117
I7H68Q
0.26
7.8
risc-v-kernel
sig-RISC-V
CVE-2023-37208
I7IG0C
3.76
7.8
thunderbird
sig-desktop-apps
CVE-2023-22387
I7IEHO
3.76
7.8
risc-v-kernel
sig-RISC-V
CVE-2023-34432
I7K4AJ
10.76
7.8
sox
Others
CVE-2023-3106
I7KR5N
12.84
7.8
risc-v-kernel
sig-RISC-V
CVE-2021-33796
I7JL9G
0.26
7.5
mujs
Desktop
CVE-2023-37475
I7LTWC
10.26
7.5
avro
Application
CVE-2022-4899
I7MGQL
11.76
7.5
mysql
Others
CVE-2019-9024
I7MED5
11.76
7.5
php
Base-service
CVE-2023-36824
I7KG1T
4.26
7.4
redis6
sig-bigdata
CVE-2023-36824
I7KG1S
4.26
7.4
redis5
sig-bigdata
CVE-2022-24834
I7KR7M
5.76
7.0
redis6
sig-bigdata
CVE-2023-34462
I7F2UM
9.26
6.5
netty3
sig-Java
CVE-2023-34462
I7F2UK
9.26
6.5
netty
sig-Java
CVE-2020-21485
I7F2U6
6.34
6.1
alluxio
sig-bigdata
CVE-2023-3161
I7C2TD
0.26
5.5
risc-v-kernel
sig-RISC-V
CVE-2023-3022
I79X7Y
8.26
5.5
risc-v-kernel
sig-RISC-V
CVE-2023-36191
I7FEZH
8.76
5.5
sqlite
DB
CVE-2023-34247
I7D9BK
2.26
4.1
openstack-keystone
sig-openstack
openEuler 社区指导文档及开放平台链接:
openEuler 版本分支维护规范:
https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%…
openEuler release-management 版本分支PR指导:
https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%…
社区QA 版本测试提单规范
https://gitee.com/openeuler/QA/blob/master/%E7%A4%BE%E5%8C%BA%E7%89%88%E6%9…
社区QA 测试平台 radiates
https://radiatest.openeuler.org<https://radiatest.openeuler.org/>
1
0
1
0
您好!
sig-QA SIG 邀请您参加 2023-07-26 14:15 召开的Zoom会议(自动录制)
会议主题:QA双周例会
会议链接:https://us06web.zoom.us/j/87998053855?pwd=RUNBenc0bWlYUWZvZmltaFFMRHUwZz09
会议纪要:https://etherpad.openeuler.org/p/sig-QA-meetings
温馨提醒:建议接入会议后修改参会人的姓名,也可以使用您在gitee.com的ID
更多资讯尽在:https://openeuler.org/zh/
Hello!
openEuler sig-QA SIG invites you to attend the Zoom conference(auto recording) will be held at 2023-07-26 14:15,
The subject of the conference is QA双周例会,
You can join the meeting at https://us06web.zoom.us/j/87998053855?pwd=RUNBenc0bWlYUWZvZmltaFFMRHUwZz09.
Add topics at https://etherpad.openeuler.org/p/sig-QA-meetings.
Note: You are advised to change the participant name after joining the conference or use your ID at gitee.com.
More information: https://openeuler.org/en/
1
0
主题: openEuler update_20230712版本发布公告
Dear all,
经社区Release SIG、QA SIG及 CICD SIG 评估,openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3、openEuler-22.03-LTS、openEuler-22.03-LTS-SP1及openEuler-22.03-LTS-SP2 update版本满足版本出口质量,现进行发布公示。
本公示分为七部分:
1、openEuler-20.03-LTS-SP1 Update 20230712发布情况及待修复缺陷
2、openEuler-20.03-LTS-SP3 Update 20230712发布情况及待修复缺陷
3、openEuler-22.03-LTS Update 20230712发布情况及待修复缺陷
4、openEuler-22.03-LTS-SP1 Update 20230712发布情况及待修复缺陷
5、openEuler-22.03-LTS-SP2 Update 20230712发布情况及待修复缺陷
6、openEuler 关键组件待修复CVE 清单
7、openEuler 社区指导文档及开放平台链接
本次update版本发布后,下一个版本里程碑点(预计在2023/07/22)提供 update_ 20230719 版本。
openEuler-20.03-LTS-SP1 Update 20230712
经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP1修复版本已知问题6个,已知漏洞8个。目前版本分支剩余待修复缺陷20个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-20.03-LTS-SP1 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7JTM2?from=project-i…
CVE修复:
cve
仓库
优先级
CVE-2016-9841
syslinux
9.8
CVE-2023-36617
ruby
5.3
CVE-2022-4304
edk2
5.9
CVE-2023-29491
ncurses
7.8
CVE-2016-9843
syslinux
9.8
CVE-2016-9840
syslinux
8.8
CVE-2016-9842
syslinux
8.8
CVE-2020-25969
gnuplot
9.8
Bugfix:
issue
仓库
#I73KGV:【20.03 LTS SP1】qt5-qtimageformats.spec有错误,无法解析
qt5-qtimageformats
#I5Q5D1:【20.03 SP1】ibus在sp1分支安装有异常告警
ibus
#I5KINV:【20.03 SP1】gnome-shell在安装时有告警:%triggerin(gtk2-2.24.32-7.oe1.aarch64) 脚本执行失败,退出状态码为 1
gnome-shell
#I73J4P:【20.03 LTS SP1】jffi.spec无法解析
jffi
#I73JE8:【20.03 LTS SP1】jnr-ffi.spec无法解析
jnr-ffi
#I7J5UF:[openEuler-1.0-LTS] linux-4.19.y inclusion(4.19.283..4.19.287)
kernel
openEuler-20.03-LTS-SP1版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol
openEuler-20.03-LTS-SP1 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/
openEuler CVE 及安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
里程碑
任务ID
任务标题
优先级
sig组
关联仓库
openEuler 20.03-LTS-SP1
I4J0OY
【20.03 SP1】【arm/x86】安装好libdap后,getdap4命令的-i和-k参数使用异常
主要
sig/sig-recycle
libdap
openEuler 20.03-LTS-SP1
I4JMG4
【20.03 SP1】【arm/x86】robotframework包的三个命令:libdoc、rebot、robot执行--help/-h/-?/--version,查看帮助信息和版本信息,返回值为251
主要
sig/sig-ROS
python-robotframework
openEuler 20.03-LTS-SP1
I5DLX7
[20.03 22.03] 管理员指南操作文档mysql服务搭建指导文档有误
主要
sig/doc
docs
openEuler 20.03LTS SP1 update2103
I3E5C1
【20.03-SP1】【arm/x86】服务启动失败
主要
sig/bigdata
hadoop
openEuler 20.03LTS SP1 update210901
I48GIM
【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败
主要
sig/oVirt
ovirt-cockpit-sso
openEuler 20.03-LTS-SP1
I6VFAE
[20.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败
次要
sig/DB
mariadb
openEuler 20.03-LTS-SP1
I4G4A5
Undefine-shift in _bfd_safe_read_leb128
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4B1
Integer overflow in print_vms_time
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4VY
memleak in parse_gnu_debugaltlink
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4WF
Heap-buffer-overflow in slurp_hppa_unwind_table
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4WW
Use-after-free in make_qualified_name
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4X6
memleak in byte_get_little_endian
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4XF
memleak in process_mips_specific
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4Y0
out-of-memory in vms_lib_read_index
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4YJ
Heap-buffer-overflow in bfd_getl16
无优先级
sig/Base-service
binutils
openEuler 20.03-LTS-SP1
I4G4YV
Floating point exception in _bfd_vms_slurp_etir
无优先级
sig/Base-service
binutils
openEuler 20.03LTS SP1 update210926
I4CMSV
【20.03-LTS-SP1】【arm/x86】搭建Kubernetes 集群缺少包etcd
无优先级
sig/TC
community
openEuler 20.03LTS SP1 update220111
I4QV6N
【openEuler-20.03-LTS-SP1】flink命令执行失败
无优先级
sig/sig-ai-bigdata
flink
openEuler-20.03-LTS-SP1
I3QGU7
系统不支持GB18030
无优先级
sig/TC
community
openEuler-20.03-LTS-SP1-dailybuild
I5Y99T
mate-desktop install problem in openEuler:20:03:LTS:SP1
无优先级
sig/sig-mate-desktop
mate-desktop
openEuler-20.03-LTS-SP3 Update 20230712
经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP3修复版本已知问3个,已知漏洞8个。目前版本分支剩余待修复缺陷 7个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-20.03-LTS-SP3 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7JTM6?from=project-i…
CVE修复:
cve
仓库
优先级
CVE-2023-29491
ncurses
7.8
CVE-2023-36617
ruby
5.3
CVE-2022-4304
edk2
5.9
CVE-2016-9843
syslinux
9.8
CVE-2016-9841
syslinux
9.8
CVE-2016-9840
syslinux
8.8
CVE-2016-9842
syslinux
8.8
CVE-2020-25969
gnuplot
9.8
Bugfix:
issue
仓库
#I73J7L:【20.03 LTS SP3】jffi.spec无法解析
jffi
#I73JF9:【20.03 LTS SP3】jnr-ffi.spec无法解析
jnr-ffi
#I7J5UF:[openEuler-1.0-LTS] linux-4.19.y inclusion(4.19.283..4.19.287)
kernel
openEuler-20.03-LTS-SP3版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol
openEuler-20.03-LTS-SP3 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/
openEuler CVE及安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
里程碑
任务ID
任务标题
优先级
sig组
关联仓库
openEuler 20.03 LTS SP3 update20220801
I5LYJK
【20.03-sp3_update20220801】【x86】对内核版进行升级后,TCP_option_address安装异常
主要
sig/Kernel
TCP_option_address
openEuler 20.03-LTS-SP3
I5KXUY
【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败
主要
sig/oVirt
ovirt-cockpit-sso
openEuler-20.03-LTS-SP3
I5KY4S
【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败,导致mom-vdsm.service服务无法启动成功
主要
sig/oVirt
vdsm
openEuler-20.03-LTS-SP3
I72EAT
【20.03 SP3】php相关包在20.03 LTS SP3降级失败
主要
sig/Base-service
php
openEuler 20.03LTS SP3 update220111
I4QV7S
【openEuler-20.03-LTS-SP3】flink run 命令执行失败
无优先级
sig/sig-ai-bigdata
flink
openEuler-20.03-LTS-SP3
I6VFMI
[20.03 SP3] [x86/arm] mariadb授权给远程用户,远程连接服务失败
次要
sig/DB
mariadb
openEuler-20.03-LTS-SP3
I72HWV
【20.03-lts-sp3】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败
次要
sig/Base-service
php
openEuler-22.03-LTS Update 20230712
经各SIG及社区开发者贡献,本周openEuler-22.03-LTS修复版本已知问题7个,已知漏洞10个。目前版本分支剩余待修复缺陷3个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-22.03-LTS Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7JTMA?from=project-i…
CVE修复:
cve
仓库
优先级
CVE-2023-36617
ruby
5.3
CVE-2023-29491
ncurses
7.8
CVE-2022-4304
edk2
5.9
CVE-2023-3090
kernel
7.8
CVE-2023-3389
kernel
7.8
CVE-2016-9843
syslinux
9.8
CVE-2016-9841
syslinux
9.8
CVE-2016-9840
syslinux
8.8
CVE-2016-9842
syslinux
8.8
CVE-2020-25969
gnuplot
9.8
Bugfix:
issue
仓库
#I7C4ZS:存在无效空链接/usr/share/doc/e2fsprogs/RELEASE-NOTES -> doc/RelNotes/v1.46.4.txt
e2fsprogs
#I64SHL:【22.03 LTS arm/86】deepin-movie-devel安装失败
deepin-movie
#I73JGF:【22.03 LTS】jnr-ffi.spec无法解析
jnr-ffi
#I73J9K:【22.03 LTS】jffi.spec无法解析
jffi
#I7HU5A:nettle库缺少版本限定
gnutls
#I4KIAO:[openEuler 22.03] 5.10 支持xfs
kernel
#I7HSFU:x86内核包,用rpm -qP命令查询出aarch64信息
kernel
openEuler-22.03-LTS版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:22.03:LTS
https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol
openEuler-22.03-LTS Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS/update/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/ob…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
里程碑
任务ID
任务标题
优先级
sig
关联仓库
openEuler-22.03-LTS
I5RHYO
【22.09 RC4】【arm/x86】package.ini中的redis_host配置为不存在的ip,重启pkgship服务失败,服务一直在尝试重启
主要
sig/sig-EasyLife
pkgship
openEuler-22.03-LTS
I7HH1A
【22.03 LTS update20230628】qemu缺少安装依赖,安装失败
主要
sig/Virt
qemu
openEuler-22.03-LTS
I6VFRX
[22.03-LTS][x86/arm]mariadb授权给远程用户,远程连接服务失败
次要
sig/DB
mariadb
openEuler-22.03-LTS
I72N5G
【22.03-lts】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败
次要
sig/Base-service
php
openEuler-22.03-LTS
I5M4N4
【22.03 LTS update 20220811】【arm/x86】openstack-ironic-inspector-conductor.service服务start失败
次要
sig/sig-openstack
openstack-ironic-inspector
openEuler-22.03-LTS-SP1 Update 20230712
经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP1修复版本已知问题3个,已知漏洞10个。目前版本分支剩余待修复缺陷4个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-22.03-LTS SP1 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7JTLY?from=project-i…
CVE修复:
cve
仓库
优先级
CVE-2023-29491
ncurses
7.8
CVE-2023-3090
kernel
7.8
CVE-2023-3389
kernel
7.8
CVE-2023-36617
ruby
5.3
CVE-2016-9841
syslinux
9.8
CVE-2016-9842
syslinux
8.8
CVE-2022-4304
edk2
5.9
CVE-2016-9843
syslinux
9.8
CVE-2016-9840
syslinux
8.8
CVE-2020-25969
gnuplot
9.8
Bugfix:
issue
仓库
#I7C4ZS:存在无效空链接/usr/share/doc/e2fsprogs/RELEASE-NOTES -> doc/RelNotes/v1.46.4.txt
e2fsprogs
#I73JBY:【22.03 LTS SP1】jffi.spec无法解析
jffi
#I4KIAO:[openEuler 22.03] 5.10 支持xfs
kernel
openEuler-22.03-LTS SP1版本编译构建信息查询链接:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1:Ep…
openEuler-22.03-LTS SP1 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
里程碑
任务ID
任务标题
优先级
sig组
关联仓库
openEuler 22.03-SP1
I6B4V1
【22.03 SP1 update 20230118】【arm】libhdfs在arm架构降级失败,x86正常
主要
sig/bigdata
hadoop
openEuler-22.03-LTS-SP1
I6VFV6
【22.03 SP1】 [x86/arm] mariadb授权给远程用户,远程连接服务失败
次要
sig/DB
mariadb
openEuler-22.03-LTS-SP1
I73CKF
【22.03-lts-sp1】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败
次要
sig/Base-service
php
openEuler-22.03-LTS-SP2 Update 20230712
经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP2修复版本已知问题3个,已知漏洞9个。目前版本分支剩余待修复缺陷4个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
openEuler-22.03-LTS-SP2 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7JUZ1?from=project-i…
CVE修复:
cve
仓库
优先级
CVE-2023-29491
ncurses
7.8
CVE-2023-3090
kernel
7.8
CVE-2023-3389
kernel
7.8
CVE-2023-36617
ruby
5.3
CVE-2016-9841
syslinux
9.8
CVE-2016-9842
syslinux
8.8
CVE-2016-9843
syslinux
9.8
CVE-2016-9840
syslinux
8.8
CVE-2020-25969
gnuplot
9.8
Bugfix:
issue
仓库
#I7KBOO:【22.03 LTS SP2】jffi.spec无法解析
jffi
#I7HU5A:nettle库缺少版本限定
gnutls
#I4KIAO:[openEuler 22.03] 5.10 支持xfs
kernel
openEuler-22.03-LTS SP2版本编译构建信息查询链接:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2:Ep…
openEuler-22.03-LTS SP2 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS-SP2 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
里程碑
任务ID
任务标题
优先级
sig组
关联仓库
openEuler-22.03-LTS-SP2-round-2
I795G3
【22.03-LTS-SP2 round2】本次转测源中出现多个版本的containers-common
主要
sig/sig-CloudNative
skopeo
openEuler-22.03-LTS-SP2-SEC
I7AFIR
【22.03-LTS-SP2 round2】【x86/arm】libkae-1.2.10-6.oe2203sp2安全编译选项Rpath/Runpath不满足
主要
sig/sig-AccLib
libkae
openEuler-22.03-LTS-SP2-round-4
I7ET7H
【22.03-LTS-SP2 round4】libzmq为新引入的冗余包,与zeromq上游及版本一致,请确认libzmq是否纳入sp2版本
主要
sig/sig-ROS
libzmq
社区待修复漏洞:
openEuler社区根据漏洞严重等级采取差异化的修复策略,请各个SIG 关注涉及CVE组件的修复情况。
严重等级(Severity Rating)
漏洞修复时长
致命(Critical)
7天
高(High)
14天
中(Medium)
30天
低(Low)
30天
可参考社区安全委员会漏洞:https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE…
近14天将超期CVE(7.15日数据):
漏洞编号
Issue ID
剩余天数
CVSS评分
软件包
责任SIG
CVE-2021-33796
I7JL9G
0.05
10.0
mujs
Desktop
CVE-2023-2003
I7L17D
5.55
9.1
obs-build
Others
CVE-2023-37211
I7IG0R
10.55
8.8
thunderbird
sig-desktop-apps
CVE-2023-37202
I7IG0E
10.55
8.8
thunderbird
sig-desktop-apps
CVE-2023-37201
I7IG06
10.55
8.8
thunderbird
sig-desktop-apps
CVE-2023-29450
I7L1GC
12.55
8.5
zabbix
Base-service
CVE-2023-35947
I7HJNK
9.8
8.1
gradle
sig-Java
CVE-2023-3090
I7GVI1
5.55
7.8
kernel
Kernel
CVE-2023-3390
I7GVIA
6.05
7.8
kernel
Kernel
CVE-2023-31248
I7ISR3
6.63
7.8
kernel
Kernel
CVE-2023-35001
I7ISR1
6.63
7.8
kernel
Kernel
CVE-2023-3117
I7H68N
7.05
7.8
kernel
Kernel
CVE-2023-37208
I7IG0C
10.55
7.8
thunderbird
sig-desktop-apps
CVE-2023-22387
I7IEHD
10.55
7.8
kernel
Kernel
CVE-2023-1999
I6ZQ58
4.55
7.5
thunderbird
sig-desktop-apps
CVE-2023-3338
I7H66P
7.05
7.5
kernel
Kernel
CVE-2023-30586
I7HJQQ
9.8
7.5
nodejs
sig-nodejs
CVE-2023-36053
I7I6XE
10.55
7.5
python-django
sig-python-modules
CVE-2023-30589
I7HJQT
10.97
7.5
nodejs
sig-nodejs
CVE-2023-35945
I7L1Z1
12.97
7.5
nghttp2
Networking
CVE-2023-36824
I7KG1R
10.97
7.4
redis
Others
CVE-2023-36824
I7KG1P
10.97
7.4
python-redis
Base-service
CVE-2023-36824
I7KG1T
11.05
7.4
redis6
sig-bigdata
CVE-2023-36824
I7KG1S
11.05
7.4
redis5
sig-bigdata
CVE-2023-1295
I7GUAN
6.63
7.0
kernel
Kernel
CVE-2022-24834
I7KR7M
12.55
7.0
redis6
sig-bigdata
CVE-2023-3159
I7BYU9
6.05
6.7
kernel
Kernel
CVE-2018-14526
I7DUYI
0.28
6.5
wpa_supplicant
Base-service
CVE-2023-3220
I7F2UT
12.55
5.5
kernel
Kernel
CVE-2023-2455
I72FSG
1.63
5.4
libpq
DB
CVE-2023-2455
I72FSD
2.05
5.4
postgresql
DB
CVE-2023-34247
I7D9BK
9.05
4.1
openstack-keystone
sig-openstack
CVE-2023-20867
I7DKSD
1.63
3.9
open-vm-tools
Virt
CVE-2023-3247
I7EAGC
2.48
3.0
php
Base-service
openEuler 社区指导文档及开放平台链接:
openEuler 版本分支维护规范:
https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%…
openEuler release-management 版本分支PR指导:
https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%…
社区QA 版本测试提单规范
https://gitee.com/openeuler/QA/blob/master/%E7%A4%BE%E5%8C%BA%E7%89%88%E6%9…
社区QA 测试平台 radiates
https://radiatest.openeuler.org<https://radiatest.openeuler.org/>
1
0
谢 谢 !
请各位审阅。
田延辉
龙芯中科技术有限公司 系统研发部
-----------------------------------------------------
北京市海淀区北清路中关村环保科技示范园 龙芯产业园 100095
电话: +86 (10) 62546668-4127 13910334856
传真: +86 (10) 62600826
本邮件及其附件含有龙芯中科的商业秘密信息,仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形式使用(包括但不限于全部或部分地泄露、复制或散发)本邮件及其附件中的信息。如果您错收本邮件,请您立即电话或邮件通知发件人并删除本邮件。
This email and its attachments contain confidential information from Loongson Technology , which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this email in error, please notify the sender by phone or email immediately and delete it.
本邮件及其附件含有龙芯中科的商业秘密信息,仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形式使用(包括但不限于全部或部分地泄露、复制或散发)本邮件及其附件中的信息。如果您错收本邮件,请您立即电话或邮件通知发件人并删除本邮件。
This email and its attachments contain confidential information from Loongson Technology , which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this email in error, please notify the sender by phone or email immediately and delete it.
1
0
主题: openEuler update_20230705版本发布公告
>
> Dear all,
> 经社区Release SIG、QA SIG及 CICD SIG 评估,openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3、openEuler-22.03-LTS、openEuler-22.03-LTS-SP1及openEuler-22.03-LTS-SP2 update版本满足版本出口质量,现进行发布公示。
> 本公示分为七部分:
> 1、openEuler-20.03-LTS-SP1 Update 20230705发布情况及待修复缺陷
> 2、openEuler-20.03-LTS-SP3 Update 20230705发布情况及待修复缺陷
> 3、openEuler-22.03-LTS Update 20230705发布情况及待修复缺陷
> 4、openEuler-22.03-LTS-SP1 Update 20230705发布情况及待修复缺陷
> 5、openEuler-22.03-LTS-SP2 Update 20230705发布情况及待修复缺陷
> 6、openEuler 关键组件待修复CVE 清单
> 7、openEuler 社区指导文档及开放平台链接
> 本次update版本发布后,下一个版本里程碑点(预计在2023/07/15)提供 update_ 20230712 版本。
>
> openEuler-20.03-LTS-SP1 Update 20230705
> 经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP1修复版本已知问题2个,已知漏洞21个。目前版本分支剩余待修复缺陷20个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
>
> openEuler-20.03-LTS-SP1 Update版本CVE修复 及Bugfix list公示链接:
> https://gitee.com/openeuler/release-management/issues/I7HRIB?from=project-i…
>
> CVE修复:
> CVE
> 仓库
> 优先级
> CVE-2023-31484
> perl-CPAN
> 8.1
> CVE-2023-32700
> texlive-base
> 7.8
> CVE-2023-29403
> golang
> 7.8
> CVE-2023-34454
> snappy-java
> 7.5
> CVE-2023-34455
> snappy-java
> 7.5
> CVE-2022-2414
> pki-core
> 7.5
> CVE-2023-2976
> guava
> 7.1
> CVE-2023-2976
> guava20
> 7.1
> CVE-2023-35828
> kernel
> 7
> CVE-2023-35823
> kernel
> 7
> CVE-2023-3159
> kernel
> 6.7
> CVE-2023-25433
> libtiff
> 5.5
> CVE-2023-2908
> libtiff
> 5.5
> CVE-2023-3006
> kernel
> 5.5
> CVE-2023-34256
> kernel
> 5.5
> CVE-2023-3161
> kernel
> 5.5
> CVE-2023-35789
> librabbitmq
> 5.5
> CVE-2023-3195
> ImageMagick
> 5.5
> CVE-2023-1672
> tang
> 5.3
> CVE-2023-34241
> cups
> 5.3
> CVE-2023-26966
> libtiff
> 4.4
>
>
> Bugfix:
> issue
> 仓库
> #I7IJ9C:update-20230705 -update gupnp-igd<https://gitee.com/open_euler/dashboard?issue_id=I7IJ9C>
> gupnp-igd
> #I6OE6T:【OBS】texlive-pdftex在openEuler:20.03:LTS:SP1工程安装失败问题,阻塞SP1分支的基础镜像构建失败<https://gitee.com/open_euler/dashboard?issue_id=I6OE6T>
> texlive-base
>
>
> openEuler-20.03-LTS-SP1版本编译构建信息查询链接:
> https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1
> https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol
>
> openEuler-20.03-LTS-SP1 Update版本 发布源链接:
> https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/
> https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/
>
> openEuler CVE 及安全公告公示链接:
> https://www.openeuler.org/zh/security/cve/
> https://www.openeuler.org/zh/security/safety-bulletin/
> https://repo.openeuler.org/security/data/cvrf/
>
> openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
> 里程碑
> 任务ID
> 任务标题
> 优先级
> sig组
> 关联仓库
> openEuler 20.03-LTS-SP1
> I4J0OY
> 【20.03 SP1】【arm/x86】安装好libdap后,getdap4命令的-i和-k参数使用异常
> 主要
> sig/sig-recycle
> libdap
> openEuler 20.03-LTS-SP1
> I4JMG4
> 【20.03 SP1】【arm/x86】robotframework包的三个命令:libdoc、rebot、robot执行--help/-h/-?/--version,查看帮助信息和版本信息,返回值为251
> 主要
> sig/sig-ROS
> python-robotframework
> openEuler 20.03-LTS-SP1
> I5DLX7
> [20.03 22.03] 管理员指南操作文档mysql服务搭建指导文档有误
> 主要
> sig/doc
> docs
> openEuler 20.03LTS SP1 update2103
> I3E5C1
> 【20.03-SP1】【arm/x86】服务启动失败
> 主要
> sig/bigdata
> hadoop
> openEuler 20.03LTS SP1 update210901
> I48GIM
> 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败
> 主要
> sig/oVirt
> ovirt-cockpit-sso
> openEuler 20.03-LTS-SP1
> I6VFAE
> [20.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败
> 次要
> sig/DB
> mariadb
> openEuler 20.03-LTS-SP1
> I4G4A5
> Undefine-shift in _bfd_safe_read_leb128
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03-LTS-SP1
> I4G4B1
> Integer overflow in print_vms_time
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03-LTS-SP1
> I4G4VY
> memleak in parse_gnu_debugaltlink
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03-LTS-SP1
> I4G4WF
> Heap-buffer-overflow in slurp_hppa_unwind_table
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03-LTS-SP1
> I4G4WW
> Use-after-free in make_qualified_name
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03-LTS-SP1
> I4G4X6
> memleak in byte_get_little_endian
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03-LTS-SP1
> I4G4XF
> memleak in process_mips_specific
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03-LTS-SP1
> I4G4Y0
> out-of-memory in vms_lib_read_index
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03-LTS-SP1
> I4G4YJ
> Heap-buffer-overflow in bfd_getl16
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03-LTS-SP1
> I4G4YV
> Floating point exception in _bfd_vms_slurp_etir
> 无优先级
> sig/Base-service
> binutils
> openEuler 20.03LTS SP1 update210926
> I4CMSV
> 【20.03-LTS-SP1】【arm/x86】搭建Kubernetes 集群缺少包etcd
> 无优先级
> sig/TC
> community
> openEuler 20.03LTS SP1 update220111
> I4QV6N
> 【openEuler-20.03-LTS-SP1】flink命令执行失败
> 无优先级
> sig/sig-ai-bigdata
> flink
> openEuler-20.03-LTS-SP1
> I3QGU7
> 系统不支持GB18030
> 无优先级
> sig/TC
> community
> openEuler-20.03-LTS-SP1-dailybuild
> I5Y99T
> mate-desktop install problem in openEuler:20:03:LTS:SP1
> 无优先级
> sig/sig-mate-desktop
> mate-desktop
>
>
> openEuler-20.03-LTS-SP3 Update 20230705
> 经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP3修复版本已知问5个,已知漏洞26个。目前版本分支剩余待修复缺陷 7个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
>
> openEuler-20.03-LTS-SP3 Update版本CVE修复 及Bugfix list公示链接:
> https://gitee.com/openeuler/release-management/issues/I7HRIF?from=project-i…
>
> CVE修复:
> CVE
> 仓库
> 优先级
> CVE-2022-3294
> kubernetes
> 8.8
> CVE-2023-31484
> perl-CPAN
> 8.1
> CVE-2023-32700
> texlive-base
> 7.8
> CVE-2023-29403
> golang
> 7.8
> CVE-2023-34454
> snappy-java
> 7.5
> CVE-2023-34455
> snappy-java
> 7.5
> CVE-2022-2414
> pki-core
> 7.5
> CVE-2023-2976
> guava
> 7.1
> CVE-2023-2976
> guava20
> 7.1
> CVE-2023-35828
> kernel
> 7
> CVE-2023-35823
> kernel
> 7
> CVE-2023-3159
> kernel
> 6.7
> CVE-2022-3162
> kubernetes
> 6.5
> CVE-2023-2728
> kubernetes
> 6.5
> CVE-2023-2727
> kubernetes
> 6.5
> CVE-2023-2431
> kubernetes
> 5.5
> CVE-2023-25433
> libtiff
> 5.5
> CVE-2023-2908
> libtiff
> 5.5
> CVE-2023-3006
> kernel
> 5.5
> CVE-2023-34256
> kernel
> 5.5
> CVE-2023-3161
> kernel
> 5.5
> CVE-2023-35789
> librabbitmq
> 5.5
> CVE-2023-3195
> ImageMagick
> 5.5
> CVE-2023-34241
> cups
> 5.3
> CVE-2023-1672
> tang
> 5.3
> CVE-2023-26966
> libtiff
> 4.4
>
>
> Bugfix:
> issue
> 仓库
> #I7FS77:【20.03 LTS SP3】【bond4】slave_mac传入重复的mac,启动gazelle发生coredump<https://gitee.com/open_euler/dashboard?issue_id=I7FS77>
> gazelle
> #I7GFMA:使用example 打流udp不通,cksum校验失败<https://gitee.com/open_euler/dashboard?issue_id=I7GFMA>
> gazelle
> #I7F7WM:上游社区补丁回合,修复bond场景下连接问题<https://gitee.com/open_euler/dashboard?issue_id=I7F7WM>
> dpdk
> #I7GRPR:【20.03 LTS SP3】【bond4】lstack配置文件中不加mlx驱动或者网卡和cpu 不在同一个NUMA,启动gazelle会发生core<https://gitee.com/open_euler/dashboard?issue_id=I7GRPR>
> gazelle
> #I7GRPR:【20.03 LTS SP3】【bond4】lstack配置文件中不加mlx驱动或者网卡和cpu 不在同一个NUMA,启动gazelle会发生core<https://gitee.com/open_euler/dashboard?issue_id=I7GRPR>
> lwip
>
>
> openEuler-20.03-LTS-SP3版本编译构建信息查询链接:
> https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3
> https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol
>
> openEuler-20.03-LTS-SP3 Update版本 发布源链接:
> https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/
> https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/
>
> openEuler CVE及安全公告公示链接:
> https://www.openeuler.org/zh/security/cve/
> https://www.openeuler.org/zh/security/safety-bulletin/
> https://repo.openeuler.org/security/data/cvrf/
>
>
> openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
> 里程碑
> 任务ID
> 任务标题
> 优先级
> sig组
> 关联仓库
> openEuler 20.03 LTS SP3 update20220801
> I5LYJK
> 【20.03-sp3_update20220801】【x86】对内核版进行升级后,TCP_option_address安装异常
> 主要
> sig/Kernel
> TCP_option_address
> openEuler 20.03-LTS-SP3
> I5KXUY
> 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败
> 主要
> sig/oVirt
> ovirt-cockpit-sso
> openEuler-20.03-LTS-SP3
> I5KY4S
> 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败,导致mom-vdsm.service服务无法启动成功
> 主要
> sig/oVirt
> vdsm
> openEuler-20.03-LTS-SP3
> I72EAT
> 【20.03 SP3】php相关包在20.03 LTS SP3降级失败
> 主要
> sig/Base-service
> php
> openEuler 20.03LTS SP3 update220111
> I4QV7S
> 【openEuler-20.03-LTS-SP3】flink run 命令执行失败
> 无优先级
> sig/sig-ai-bigdata
> flink
> openEuler-20.03-LTS-SP3
> I6VFMI
> [20.03 SP3] [x86/arm] mariadb授权给远程用户,远程连接服务失败
> 次要
> sig/DB
> mariadb
> openEuler-20.03-LTS-SP3
> I72HWV
> 【20.03-lts-sp3】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败
> 次要
> sig/Base-service
> php
>
>
> openEuler-22.03-LTS Update 20230705
> 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS修复版本已知问题4个,已知漏洞28个。目前版本分支剩余待修复缺陷3个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
>
>
> openEuler-22.03-LTS Update版本CVE修复 及Bugfix list公示链接:
> https://gitee.com/openeuler/release-management/issues/I7HRII?from=project-i…
>
> CVE修复:
> CVE
> 仓库
> 优先级
> CVE-2022-3294
> kubernetes
> 8.8
> CVE-2023-31484
> perl-CPAN
> 8.1
> CVE-2023-32700
> texlive-base
> 7.8
> CVE-2023-29403
> golang
> 7.8
> CVE-2023-34454
> snappy-java
> 7.5
> CVE-2023-34455
> snappy-java
> 7.5
> CVE-2023-2976
> guava
> 7.1
> CVE-2023-2976
> guava20
> 7.1
> CVE-2023-3212
> kernel
> 7
> CVE-2023-35828
> kernel
> 7
> CVE-2023-35824
> kernel
> 7
> CVE-2022-3162
> kubernetes
> 6.5
> CVE-2023-2728
> kubernetes
> 6.5
> CVE-2023-2727
> kubernetes
> 6.5
> CVE-2023-2431
> kubernetes
> 5.5
> CVE-2023-25433
> libtiff
> 5.5
> CVE-2023-2908
> libtiff
> 5.5
> CVE-2023-34256
> kernel
> 5.5
> CVE-2023-3161
> kernel
> 5.5
> CVE-2023-35789
> librabbitmq
> 5.5
> CVE-2023-34475
> ImageMagick
> 5.5
> CVE-2023-34474
> ImageMagick
> 5.5
> CVE-2023-31084
> kernel
> 5.5
> CVE-2023-3195
> ImageMagick
> 5.5
> CVE-2023-1672
> tang
> 5.3
> CVE-2023-34241
> cups
> 5.3
> CVE-2023-26966
> libtiff
> 4.4
> CVE-2023-2860
> kernel
> 4.4
>
>
> Bugfix:
> issue
> 仓库
> #I7HU5A:nettle库缺少版本限定<https://gitee.com/open_euler/dashboard?issue_id=I7HU5A>
> gnutls
> #I7DFZ4:希望readline 8.1版本关闭默认开启的bracketed-paste模式 ,因为和8.0版本不兼容<https://gitee.com/open_euler/dashboard?issue_id=I7DFZ4>
> readline
> #I7HT4K: grub2回合上游社区补丁<https://gitee.com/open_euler/dashboard?issue_id=I7HT4K>
> grub2
> #I7F3NP:【hulk-5.10】 efi: Fix UAF for arm64 when enable efi_fake_mem<https://gitee.com/open_euler/dashboard?issue_id=I7F3NP>
> kernel
>
>
> openEuler-22.03-LTS版本编译构建信息查询链接:
> https://build.openeuler.org/project/show/openEuler:22.03:LTS
> https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol
>
> openEuler-22.03-LTS Update版本 发布源链接:
> https://repo.openeuler.org/openEuler-22.03-LTS/update/
> https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/
> https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
> https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
> https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/ob…
>
> openEuler CVE 及 安全公告公示链接:
> https://www.openeuler.org/zh/security/cve/
> https://www.openeuler.org/zh/security/safety-bulletin/
> https://repo.openeuler.org/security/data/cvrf/
>
> openEuler-22.03-LTS Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
> 里程碑
> 任务ID
> 任务标题
> 优先级
> sig
> 关联仓库
> openEuler-22.03-LTS
> I6VFRX
> [22.03-LTS][x86/arm]mariadb授权给远程用户,远程连接服务失败
> 次要
> sig/DB
> mariadb
> openEuler-22.03-LTS
> I72N5G
> 【22.03-lts】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败
> 次要
> sig/Base-service
> php
> openEuler-22.03-LTS
> I7CQNF
> 【22.03-LTS】【arm/x86】卸载cephadm时报错:"userdel:cephadm 信件池 (/var/spool/mail/cephadm) 未找到"
> 次要
> sig/SDS
> ceph
>
>
> openEuler-22.03-LTS-SP1 Update 20230705
> 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP1修复版本已知问题5个,已知漏洞30个。目前版本分支剩余待修复缺陷4个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
>
>
> openEuler-22.03-LTS SP1 Update版本CVE修复 及Bugfix list公示链接:
> https://gitee.com/openeuler/release-management/issues/I7HRI7?from=project-i…
>
>
> CVE修复:
> CVE
> 仓库
> 优先级
> CVE-2022-3294
> kubernetes
> 8.8
> CVE-2023-31486
> perl
> 8.1
> CVE-2023-31484
> perl-CPAN
> 8.1
> CVE-2023-29403
> golang
> 7.8
> CVE-2023-32700
> texlive-base
> 7.8
> CVE-2023-34455
> snappy-java
> 7.5
> CVE-2023-34454
> snappy-java
> 7.5
> CVE-2023-2976
> guava
> 7.1
> CVE-2023-2976
> guava20
> 7.1
> CVE-2023-2976
> guava20
> 7.1
> CVE-2023-3212
> kernel
> 7
> CVE-2023-35828
> kernel
> 7
> CVE-2023-35824
> kernel
> 7
> CVE-2023-2728
> kubernetes
> 6.5
> CVE-2023-2727
> kubernetes
> 6.5
> CVE-2022-3162
> kubernetes
> 6.5
> CVE-2023-2727
> kubernetes
> 6.5
> CVE-2023-35789
> librabbitmq
> 5.5
> CVE-2023-34475
> ImageMagick
> 5.5
> CVE-2023-34474
> ImageMagick
> 5.5
> CVE-2023-2431
> kubernetes
> 5.5
> CVE-2023-34256
> kernel
> 5.5
> CVE-2023-3161
> kernel
> 5.5
> CVE-2023-31084
> kernel
> 5.5
> CVE-2023-2908
> libtiff
> 5.5
> CVE-2023-25433
> libtiff
> 5.5
> CVE-2023-3195
> ImageMagick
> 5.5
> CVE-2023-34241
> cups
> 5.3
> CVE-2023-1672
> tang
> 5.3
> CVE-2023-26966
> libtiff
> 4.4
>
>
> Bugfix:
> issue
> 仓库
> #I7GH64:例行分析dnf-plugins-core补丁,需要回合补丁<https://gitee.com/open_euler/dashboard?issue_id=I7GH64>
> dnf-plugins-core
> #I7HU5A:nettle库缺少版本限定<https://gitee.com/open_euler/dashboard?issue_id=I7HU5A>
> gnutls
> #I7DFZ4:希望readline 8.1版本关闭默认开启的bracketed-paste模式 ,因为和8.0版本不兼容<https://gitee.com/open_euler/dashboard?issue_id=I7DFZ4>
> readline
> #I7HT4K: grub2回合上游社区补丁<https://gitee.com/open_euler/dashboard?issue_id=I7HT4K>
> grub2
> #I6WKXZ:[OLK-5.10] mm: mem_reliable: Fix style problem for counting reliable task memory usage<https://gitee.com/open_euler/dashboard?issue_id=I6WKXZ>
> kernel
>
>
> openEuler-22.03-LTS SP1版本编译构建信息查询链接:
> https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1
> https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1:Ep…
>
> openEuler-22.03-LTS SP1 Update版本 发布源链接:
> https://repo.openeuler.org/openEuler-22.03-LTS-SP1/update/
> https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/main/
> https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
> https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
> https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
>
> openEuler CVE 及 安全公告公示链接:
> https://www.openeuler.org/zh/security/cve/
> https://www.openeuler.org/zh/security/safety-bulletin/
> https://repo.openeuler.org/security/data/cvrf/
>
> openEuler-22.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
> 里程碑
> 任务ID
> 任务标题
> 优先级
> sig组
> 关联仓库
> openEuler 22.03-SP1
> I6B4V1
> 【22.03 SP1 update 20230118】【arm】libhdfs在arm架构降级失败,x86正常
> 主要
> sig/bigdata
> hadoop
> openEuler-22.03-LTS-SP1
> I7CGIU
> 【22.03-LTS-SP1】【arm/x86】opengauss与libcgroup存在安装冲突
> 主要
> sig/DB
> opengauss-server
> openEuler-22.03-LTS-SP1
> I6VFV6
> 【22.03 SP1】 [x86/arm] mariadb授权给远程用户,远程连接服务失败
> 次要
> sig/DB
> mariadb
> openEuler-22.03-LTS-SP1
> I73CKF
> 【22.03-lts-sp1】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败
> 次要
> sig/Base-service
> php
>
>
> openEuler-22.03-LTS-SP2 Update 20230705
> 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP2修复版本已知问题8个,已知漏洞29个。目前版本分支剩余待修复缺陷4个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库
>
> openEuler-22.03-LTS-SP2 Update版本CVE修复 及Bugfix list公示链接:
> https://gitee.com/openeuler/release-management/issues/I7HRRN?from=project-i…
>
>
> CVE修复:
> CVE
> 仓库
> 优先级
> CVE-2022-3294
> kubernetes
> 8.8
> CVE-2023-31486
> perl
> 8.1
> CVE-2023-31484
> perl-CPAN
> 8.1
> CVE-2023-29403
> golang
> 7.8
> CVE-2023-35788
> kernel
> 7.8
> CVE-2023-32700
> texlive-base
> 7.8
> CVE-2022-2414
> pki-core
> 7.5
> CVE-2023-34455
> snappy-java
> 7.5
> CVE-2023-34454
> snappy-java
> 7.5
> CVE-2023-2976
> guava
> 7.1
> CVE-2023-2976
> guava20
> 7.1
> CVE-2023-3212
> kernel
> 7
> CVE-2023-35828
> kernel
> 7
> CVE-2023-35824
> kernel
> 7
> CVE-2023-2728
> kubernetes
> 6.5
> CVE-2023-2727
> kubernetes
> 6.5
> CVE-2022-3162
> kubernetes
> 6.5
> CVE-2023-34256
> kernel
> 5.5
> CVE-2023-3161
> kernel
> 5.5
> CVE-2023-31084
> kernel
> 5.5
> CVE-2023-2908
> libtiff
> 5.5
> CVE-2023-25433
> libtiff
> 5.5
> CVE-2023-35789
> librabbitmq
> 5.5
> CVE-2023-2431
> kubernetes
> 5.5
> CVE-2023-34474
> ImageMagick
> 5.5
> CVE-2023-34475
> ImageMagick
> 5.5
> CVE-2023-34241
> cups
> 5.3
> CVE-2023-1672
> tang
> 5.3
> CVE-2023-26966
> libtiff
> 4.4
>
>
> Bugfix:
> issue
> 仓库
> #I7GGED:例行分析dnf补丁,需要回合补丁<https://gitee.com/open_euler/dashboard?issue_id=I7GGED>
> dnf
> #I7GFE1: R12版本dnf降级,libdnf没有跟着随升降级,会造成dnf部分功能异常无法使用,需要libdnf软件包在spec文件中加强依赖版本的控制<https://gitee.com/open_euler/dashboard?issue_id=I7GFE1>
> libdnf
> #I7GH64:例行分析dnf-plugins-core补丁,需要回合补丁<https://gitee.com/open_euler/dashboard?issue_id=I7GH64>
> dnf-plugins-core
> #I7HU5A:nettle库缺少版本限定<https://gitee.com/open_euler/dashboard?issue_id=I7HU5A>
> gnutls
> #I7DFZ4:希望readline 8.1版本关闭默认开启的bracketed-paste模式 ,因为和8.0版本不兼容<https://gitee.com/open_euler/dashboard?issue_id=I7DFZ4>
> readline
> #I7HT4K: grub2回合上游社区补丁<https://gitee.com/open_euler/dashboard?issue_id=I7HT4K>
> grub2
> #I5QPB7:【openEuler-20.03-LTS-SP1】【arm/x86】passenger 软件包命令行执行报错<https://gitee.com/open_euler/dashboard?issue_id=I5QPB7>
> passenger
> #I6WKXZ:[OLK-5.10] mm: mem_reliable: Fix style problem for counting reliable task memory usage<https://gitee.com/open_euler/dashboard?issue_id=I6WKXZ>
> kernel
>
>
> openEuler-22.03-LTS SP2版本编译构建信息查询链接:
> https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2
> https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2:Ep…
>
> openEuler-22.03-LTS SP2 Update版本 发布源链接:
> https://repo.openeuler.org/openEuler-22.03-LTS-SP2/update/
> https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/main/
> https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
> https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
>
> openEuler CVE 及 安全公告公示链接:
> https://www.openeuler.org/zh/security/cve/
> https://www.openeuler.org/zh/security/safety-bulletin/
> https://repo.openeuler.org/security/data/cvrf/
>
>
> openEuler-22.03-LTS-SP2 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高):
> 里程碑
> 任务ID
> 任务标题
> 优先级
> sig组
> 关联仓库
> openEuler-22.03-LTS-SP2-round-2
> I795G3
> 【22.03-LTS-SP2 round2】本次转测源中出现多个版本的containers-common
> 主要
> sig/sig-CloudNative
> skopeo
> openEuler-22.03-LTS-SP2-SEC
> I7AFIR
> 【22.03-LTS-SP2 round2】【x86/arm】libkae-1.2.10-6.oe2203sp2安全编译选项Rpath/Runpath不满足
> 主要
> sig/sig-AccLib
> libkae
> openEuler-22.03-LTS-SP2-round-4
> I7ET7H
> 【22.03-LTS-SP2 round4】libzmq为新引入的冗余包,与zeromq上游及版本一致,请确认libzmq是否纳入sp2版本
> 主要
> sig/sig-ROS
> libzmq
> openEuler-22.03-LTS-SP2-dailybuild
> I7HSFU
> x86内核包,用rpm -qP命令查询出aarch64信息
> 无优先级
> sig/Kernel
> kernel
>
>
> 社区待修复漏洞:
> openEuler社区根据漏洞严重等级采取差异化的修复策略,请各个SIG 关注涉及CVE组件的修复情况。
> 严重等级(Severity Rating)
> 漏洞修复时长
> 致命(Critical)
> 7天
> 高(High)
> 14天
> 中(Medium)
> 30天
> 低(Low)
> 30天
>
> 可参考社区安全委员会漏洞:https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE…
>
> 近14天将超期CVE(7.8日数据):
> 漏洞编号
> Issue ID
> 剩余天数
> CVSS评分
> 软件包
> 责任SIG
> CVE-2021-33796
> I7JL9G
> 7.0
> 10.0
> mujs
> Desktop
> CVE-2023-36664
> I7FW70
> 6.0
> 9.8
> ghostscript
> Base-service
> CVE-2023-26136
> I7HL05
> 7.0
> 9.8
> nodejs-tough-cookie
> sig-nodejs
> CVE-2023-25194
> I6DMPO
> 4.0
> 8.8
> kafka
> sig-bigdata
> CVE-2016-9843
> I7JJ5I
> 13.14
> 8.8
> zlib
> Base-service
> CVE-2023-3389
> I7GVI5
> 12.5
> 7.8
> kernel
> Kernel
> CVE-2023-3090
> I7GVI1
> 12.5
> 7.8
> kernel
> Kernel
> CVE-2023-3390
> I7GVIA
> 13.0
> 7.8
> kernel
> Kernel
> CVE-2023-31248
> I7ISR3
> 13.59
> 7.8
> kernel
> Kernel
> CVE-2023-35001
> I7ISR1
> 13.59
> 7.8
> kernel
> Kernel
> CVE-2023-3117
> I7H68N
> 14.0
> 7.8
> kernel
> Kernel
> CVE-2023-0662
> I6FWA8
> 1.09
> 7.5
> php
> Base-service
> CVE-2022-25883
> I7F6O8
> 11.5
> 7.5
> nodejs-semver
> sig-nodejs
> CVE-2023-1999
> I6ZQ58
> 11.5
> 7.5
> thunderbird
> sig-desktop-apps
> CVE-2023-3338
> I7H66P
> 14.0
> 7.5
> kernel
> Kernel
> CVE-2023-3317
> I7EQW3
> 11.5
> 7.1
> kernel
> Kernel
> CVE-2023-1295
> I7GUAN
> 13.59
> 7.0
> kernel
> Kernel
> CVE-2023-3159
> I7BYU9
> 13.0
> 6.7
> kernel
> Kernel
> CVE-2023-0616
> I6FOOO
> 1.0
> 6.5
> thunderbird
> sig-desktop-apps
> CVE-2023-0430
> I6C6UA
> 1.5
> 6.5
> thunderbird
> sig-desktop-apps
> CVE-2023-0547
> I6UW1K
> 1.92
> 6.5
> thunderbird
> sig-desktop-apps
> CVE-2018-14526
> I7DUYI
> 7.23
> 6.5
> wpa_supplicant
> Base-service
> CVE-2023-2831
> I7E5GS
> 19.0
> 6.5
> python-markdown
> Programming-language
> CVE-2023-34462
> I7F2UM
> 23.0
> 6.5
> netty3
> sig-Java
> CVE-2023-34462
> I7F2UK
> 23.0
> 6.5
> netty
> sig-Java
> CVE-2020-21485
> I7F2U6
> 20.09
> 6.1
> alluxio
> sig-bigdata
> CVE-2023-3220
> I7F2UT
> 19.5
> 5.5
> kernel
> Kernel
> CVE-2023-36191
> I7FEZH
> 22.5
> 5.5
> sqlite
> DB
> CVE-2023-3359
> I7FDHP
> 28.5
> 5.5
> kernel
> Kernel
> CVE-2023-3358
> I7FCLX
> 28.5
> 5.5
> kernel
> Kernel
> CVE-2023-3357
> I7FDHE
> 29.0
> 5.5
> kernel
> Kernel
> CVE-2023-3355
> I7GJ17
> 29.59
> 5.5
> kernel
> Kernel
> CVE-2023-35946
> I7HJNM
> 30.0
> 5.5
> gradle
> sig-Java
> CVE-2023-2455
> I72FSG
> 8.59
> 5.4
> libpq
> DB
> CVE-2023-2455
> I72FSD
> 9.0
> 5.4
> postgresql
> DB
> CVE-2023-36146
> I7H9RK
> 30.0
> 5.4
> raspberrypi-firmware
> sig-RaspberryPi
> CVE-2023-34410
> I7AVIW
> 5.0
> 5.3
> qt
> Runtime
> CVE-2023-36617
> I7H5L8
> 29.0
> 5.3
> perl-URI
> sig-perl-modules
> CVE-2023-36617
> I7JLJT
> 29.84
> 5.3
> ruby
> sig-ruby
> CVE-2023-3439
> I7GTQ9
> 29.0
> 4.7
> kernel
> Kernel
> CVE-2023-2860
> I7ASU6
> 3.84
> 4.4
> kernel
> Kernel
> CVE-2023-34247
> I7D9BK
> 16.0
> 4.1
> openstack-keystone
> sig-openstack
> CVE-2023-20867
> I7DKSD
> 8.59
> 3.9
> open-vm-tools
> Virt
> CVE-2023-3247
> I7EAGC
> 9.43
> 3.0
> php
> Base-service
>
>
> openEuler 社区指导文档及开放平台链接:
>
>
> openEuler 版本分支维护规范:
> https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%…
> openEuler release-management 版本分支PR指导:
> https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%…
> 社区QA 版本测试提单规范
> https://gitee.com/openeuler/QA/blob/master/%E7%A4%BE%E5%8C%BA%E7%89%88%E6%9…
> 社区QA 测试平台 radiates
> https://radiatest.openeuler.org<https://radiatest.openeuler.org/>
>
>
1
0