主题: openEuler update_20230628版本发布公告 Dear all, 经社区Release SIG、QA SIG及 CICD SIG 评估,openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3、openEuler-22.03-LTS及openEuler-22.03-LTS-SP1 update版本满足版本出口质量,现进行发布公示。 本公示分为六部分: 1、openEuler-20.03-LTS-SP1 Update 20230628发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20230628发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20230628发布情况及待修复缺陷 4、openEuler-22.03-LTS-SP1 Update 20230628发布情况及待修复缺陷 5、openEuler 关键组件待修复CVE 清单 6、openEuler 社区指导文档及开放平台链接 本次update版本发布后,下一个版本里程碑点(预计在2023/07/08)提供 update_ 20230705 版本。 openEuler-20.03-LTS-SP1 Update 20230628 经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP1修复版本已知问题5个,已知漏洞15个。目前版本分支剩余待修复缺陷21个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复 及Bugfix list公示链接: https://gitee.com/openeuler/release-management/issues/I7FX9L?from=project-is... CVE修复: CVE 仓库 优先级 CVE-2023-29404 golang 9.8 CVE-2023-29405 golang 9.8 CVE-2023-29402 golang 9.8 CVE-2023-26965 libtiff 8.8 CVE-2023-31486 perl-HTTP-Tiny 8.1 CVE-2023-31486 perl 8.1 CVE-2023-35788 kernel 7.8 CVE-2023-2828 bind 7.5 CVE-2023-32763 qt5-qtbase 7.5 CVE-2023-3268 kernel 7.1 CVE-2023-35824 kernel 7.0 CVE-2023-3316 libtiff 5.9 CVE-2023-33461 iniparser 5.5 CVE-2023-32762 qt5-qtbase 5.3 CVE-2023-33201 bouncycastle 2.6 Bugfix: issue 仓库 #I7G6SW:[openEuler 1.0-LTS] smart grid config默认使能https://gitee.com/open_euler/dashboard?issue_id=I7G6SW kernel #I4CMKY:[20.03-LTS-SP1]389-ds-base-legacy-tools包中dn2rdn -v未正常返回版本信息https://gitee.com/open_euler/dashboard?issue_id=I4CMKY three-eight-nine-ds-base #I66B11:[20.03-LTS-SP1]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源https://gitee.com/open_euler/dashboard?issue_id=I66B11 openEuler-repos #I7GFMA:使用example 打流udp不通,cksum校验失败https://gitee.com/open_euler/dashboard?issue_id=I7GFMA gazelle #I7F7WM:上游社区补丁回合,修复bond场景下连接问题https://gitee.com/open_euler/dashboard?issue_id=I7F7WM dpdk
openEuler-20.03-LTS-SP1版本编译构建信息查询链接: https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol openEuler-20.03-LTS-SP1 Update版本 发布源链接: https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/ openEuler CVE 及安全公告公示链接: https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 sig组 关联仓库 openEuler 20.03-LTS-SP1 I4G4A5 Undefine-shift in _bfd_safe_read_leb128 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4B1 Integer overflow in print_vms_time 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4VY memleak in parse_gnu_debugaltlink 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4WF Heap-buffer-overflow in slurp_hppa_unwind_table 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4WW Use-after-free in make_qualified_name 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4X6 memleak in byte_get_little_endian 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4XF memleak in process_mips_specific 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4Y0 out-of-memory in vms_lib_read_index 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4YJ Heap-buffer-overflow in bfd_getl16 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4YV Floating point exception in _bfd_vms_slurp_etir 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后,getdap4命令的-i和-k参数使用异常 主要 sig/sig-recycle libdap openEuler 20.03-LTS-SP1 I4JMG4 【20.03 SP1】【arm/x86】robotframework包的三个命令:libdoc、rebot、robot执行--help/-h/-?/--version,查看帮助信息和版本信息,返回值为251 主要 sig/sig-ROS python-robotframework openEuler 20.03-LTS-SP1 I5DLX7 [20.03 22.03] 管理员指南操作文档mysql服务搭建指导文档有误 主要 sig/doc docs openEuler 20.03-LTS-SP1 I6VFAE [20.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler 20.03LTS SP1 update2103 I3E5C1 【20.03-SP1】【arm/x86】服务启动失败 主要 sig/bigdata hadoop openEuler 20.03LTS SP1 update210901 I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败 主要 sig/oVirt ovirt-cockpit-sso openEuler 20.03LTS SP1 update210926 I4CMSV 【20.03-LTS-SP1】【arm/x86】搭建Kubernetes 集群缺少包etcd 无优先级 sig/TC community openEuler 20.03LTS SP1 update220111 I4QV6N 【openEuler-20.03-LTS-SP1】flink命令执行失败 无优先级 sig/sig-ai-bigdata flink openEuler-20.03-LTS-SP1 I3B5TJ 在obs server环境上,配置rpm包签名,签名报错 无优先级 sig/Infrastructure infrastructure openEuler-20.03-LTS-SP1 I3QGU7 系统不支持GB18030 无优先级 sig/TC community openEuler-20.03-LTS-SP1-dailybuild I5Y99T mate-desktop install problem in openEuler:20:03:LTS:SP1 无优先级 sig/sig-mate-desktop mate-desktop
openEuler-20.03-LTS-SP3 Update 20230628 经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP3修复版本已知问3个,已知漏洞15个。目前版本分支剩余待修复缺陷 7个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复 及Bugfix list公示链接: https://gitee.com/openeuler/release-management/issues/I7FX9O?from=project-is... CVE修复: CVE 仓库 优先级 CVE-2023-29404 golang 9.8 CVE-2023-29405 golang 9.8 CVE-2023-29402 golang 9.8 CVE-2023-26965 libtiff 8.8 CVE-2023-31486 perl-HTTP-Tiny 8.1 CVE-2023-31486 perl 8.1 CVE-2023-35788 kernel 7.8 CVE-2023-2828 bind 7.5 CVE-2023-32763 qt5-qtbase 7.5 CVE-2023-3268 kernel 7.1 CVE-2023-35824 kernel 7.0 CVE-2023-3316 libtiff 5.9 CVE-2023-33461 iniparser 5.5 CVE-2023-32762 qt5-qtbase 5.3 CVE-2023-33201 bouncycastle 2.6
Bugfix: issue 仓库 #I66BBJ:[20.03-LTS-SP3]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源https://gitee.com/open_euler/dashboard?issue_id=I66BBJ openEuler-repos #I7G6SW:[openEuler 1.0-LTS] smart grid config默认使能https://gitee.com/open_euler/dashboard?issue_id=I7G6SW kernel #I7F7WM:上游社区补丁回合,修复bond场景下连接问题https://gitee.com/open_euler/dashboard?issue_id=I7F7WM dpdk
openEuler-20.03-LTS-SP3版本编译构建信息查询链接: https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol openEuler-20.03-LTS-SP3 Update版本 发布源链接: https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/ openEuler CVE及安全公告公示链接: https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 sig组 关联仓库 openEuler 20.03 LTS SP3 update20220801 I5LYJK 【20.03-sp3_update20220801】【x86】对内核版进行升级后,TCP_option_address安装异常 主要 sig/Kernel TCP_option_address openEuler 20.03-LTS-SP3 I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败 主要 sig/oVirt ovirt-cockpit-sso openEuler 20.03LTS SP3 update220111 I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败 无优先级 sig/sig-ai-bigdata flink openEuler-20.03-LTS-SP3 I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败,导致mom-vdsm.service服务无法启动成功 主要 sig/oVirt vdsm openEuler-20.03-LTS-SP3 I6VFMI [20.03 SP3] [x86/arm] mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler-20.03-LTS-SP3 I72EAT 【20.03 SP3】php相关包在20.03 LTS SP3降级失败 主要 sig/Base-service php openEuler-20.03-LTS-SP3 I72HWV 【20.03-lts-sp3】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败 次要 sig/Base-service php openEuler-22.03-LTS Update 20230628 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS修复版本已知问题6个,已知漏洞18个。目前版本分支剩余待修复缺陷3个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复 及Bugfix list公示链接: https://gitee.com/openeuler/release-management/issues/I7FX9S?from=project-is... CVE修复: CVE 仓库 优先级 CVE-2023-29402 golang 9.8 CVE-2023-29404 golang 9.8 CVE-2023-29405 golang 9.8 CVE-2023-26965 libtiff 8.8 CVE-2023-31486 perl-HTTP-Tiny 8.1 CVE-2023-31486 perl 8.1 CVE-2023-28642 runc 7.8 CVE-2023-2828 bind 7.5 CVE-2023-32763 qt5-qtbase 7.5 CVE-2023-3268 kernel 7.1 CVE-2023-35829 kernel 7.0 CVE-2023-1073 kernel 6.3 CVE-2023-3316 libtiff 5.9 CVE-2023-33461 iniparser 5.5 CVE-2023-1095 kernel 5.5 CVE-2023-32762 qt5-qtbase 5.3 CVE-2023-1074 kernel 4.7 CVE-2023-33201 bouncycastle 2.6 Bugfix: issue 仓库 #I7DV0J:curl传输文件过程中ps -ef | grep curl会打印用户名和密码,不符合安全规范https://gitee.com/open_euler/dashboard?issue_id=I7DV0J curl #I6FQCO:【22.03-LTS-SP1】【x86/arm】opengauss缺少安装依赖lsofhttps://gitee.com/open_euler/dashboard?issue_id=I6FQCO opengauss-server #I66BDE:[22.03-LTS]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源https://gitee.com/open_euler/dashboard?issue_id=I66BDE openEuler-repos #I6OWV4:【OLK-5.10】回合两个hugetlb相关的bugfixhttps://gitee.com/open_euler/dashboard?issue_id=I6OWV4 kernel #I7GFMA:使用example 打流udp不通,cksum校验失败https://gitee.com/open_euler/dashboard?issue_id=I7GFMA gazelle #I7F7WM:上游社区补丁回合,修复bond场景下连接问题https://gitee.com/open_euler/dashboard?issue_id=I7F7WM dpdk
openEuler-22.03-LTS版本编译构建信息查询链接: https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS Update版本 发布源链接: https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Ope... https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Ope... https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/obs... openEuler CVE 及 安全公告公示链接: https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-22.03-LTS Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 sig 关联仓库 openEuler-22.03-LTS I6VFRX [22.03-LTS][x86/arm]mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler-22.03-LTS I72N5G 【22.03-lts】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败 次要 sig/Base-service php openEuler-22.03-LTS I7CQNF 【22.03-LTS】【arm/x86】卸载cephadm时报错:"userdel:cephadm 信件池 (/var/spool/mail/cephadm) 未找到" 次要 sig/SDS ceph openEuler-22.03-LTS-SP1 Update 20230628 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP1修复版本已知问题8个,已知漏洞14个。目前版本分支剩余待修复缺陷4个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS SP1 Update版本CVE修复 及Bugfix list公示链接: https://gitee.com/openeuler/release-management/issues/I7FX9J?from=project-is...
CVE修复: CVE 仓库 优先级 CVE-2023-29404 golang 9.8 CVE-2023-29405 golang 9.8 CVE-2023-29402 golang 9.8 CVE-2023-26965 libtiff 8.8 CVE-2023-31486 perl-HTTP-Tiny 8.1 CVE-2023-2828 bind 7.5 CVE-2023-32763 qt5-qtbase 7.5 CVE-2023-3268 kernel 7.1 CVE-2023-35829 kernel 7.0 CVE-2023-3316 libtiff 5.9 CVE-2023-3138 libX11 5.5 CVE-2023-33461 iniparser 5.5 CVE-2023-32762 qt5-qtbase 5.3 CVE-2023-33201 bouncycastle 2.6 Bugfix: issue 仓库 #I7DV0J:curl传输文件过程中ps -ef | grep curl会打印用户名和密码,不符合安全规范https://gitee.com/open_euler/dashboard?issue_id=I7DV0J curl #I7EPK2:修复CVE-2021-44648https://gitee.com/open_euler/dashboard?issue_id=I7EPK2 gdk-pixbuf2 #I6FQCO:【22.03-LTS-SP1】【x86/arm】opengauss缺少安装依赖lsofhttps://gitee.com/open_euler/dashboard?issue_id=I6FQCO opengauss-server #I7GFE1: R12版本dnf降级,libdnf没有跟着随升降级,会造成dnf部分功能异常无法使用,需要libdnf软件包在spec文件中加强依赖版本的控制https://gitee.com/open_euler/dashboard?issue_id=I7GFE1 libdnf #I7GGED:例行分析dnf补丁,需要回合补丁https://gitee.com/open_euler/dashboard?issue_id=I7GGED dnf #I6OWV4:【OLK-5.10】回合两个hugetlb相关的bugfixhttps://gitee.com/open_euler/dashboard?issue_id=I6OWV4 kernel #I7GFMA:使用example 打流udp不通,cksum校验失败https://gitee.com/open_euler/dashboard?issue_id=I7GFMA gazelle #I7F7WM:上游社区补丁回合,修复bond场景下连接问题https://gitee.com/open_euler/dashboard?issue_id=I7F7WM dpdk
openEuler-22.03-LTS SP1版本编译构建信息查询链接: https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1 https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1:Epo... openEuler-22.03-LTS SP1 Update版本 发布源链接: https://repo.openeuler.org/openEuler-22.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_version... https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_version... https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_version... openEuler CVE 及 安全公告公示链接: https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-22.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 sig组 关联仓库 openEuler 22.03-SP1 I6B4V1 【22.03 SP1 update 20230118】【arm】libhdfs在arm架构降级失败,x86正常 主要 sig/bigdata hadoop openEuler-22.03-LTS-SP1 I6VFV6 【22.03 SP1】 [x86/arm] mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler-22.03-LTS-SP1 I73CKF 【22.03-lts-sp1】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败 次要 sig/Base-service php openEuler-22.03-LTS-SP1 I7CGIU 【22.03-LTS-SP1】【arm/x86】opengauss与libcgroup存在安装冲突 主要 sig/DB opengauss-server 社区待修复漏洞: openEuler社区根据漏洞严重等级采取差异化的修复策略,请各个SIG 关注涉及CVE组件的修复情况。 严重等级(Severity Rating) 漏洞修复时长 致命(Critical) 7天 高(High) 14天 中(Medium) 30天 低(Low) 30天 可参考社区安全委员会漏洞:https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE%E5%8C%BA%E6%B... 近14天将超期CVE(7.2日数据): 漏洞编号 Issue ID 剩余天数 CVSS评分 软件包 责任SIG CVE-2023-3326 I7FELM 5.37 9.8 pam_krb5 Application CVE-2023-3326 I7FELL 5.37 9.8 sssd Base-service CVE-2023-3128 I7FEM6 5.87 9.8 grafana Application CVE-2022-29144 I7GX88 10.87 8.3 qt5-qtwebengine Others CVE-2022-29146 I7GX6N 10.87 8.3 qt5-qtwebengine Others CVE-2023-35788 I7E6ML 5.87 7.8 kernel Kernel CVE-2018-1000035 I7GUED 10.12 7.8 zip Base-service CVE-2023-35116 I7DUQ9 8.37 7.5 jackson-databind sig-Java CVE-2023-34455 I7DXBW 9.37 7.5 snappy-java Base-service CVE-2023-34453 I7DXBN 9.37 7.5 snappy-java Base-service CVE-2023-34454 I7DXBJ 9.37 7.5 snappy-java Base-service CVE-2023-34981 I7FCBA 10.87 7.5 tomcat Application CVE-2023-32700 I7FY1O 7.69 7.4 texlive Application CVE-2023-3268 I7E5C1 8.37 7.1 kernel Kernel CVE-2023-2976 I7DKUH 10.87 7.1 guava dev-utils CVE-2023-2976 I7DKUG 10.87 7.1 guava20 sig-Java CVE-2023-35828 I7EDYS 8.37 7.0 kernel Kernel CVE-2023-35827 I7EDZ1 8.87 7.0 kernel Kernel CVE-2023-35823 I7EDYX 8.87 7.0 kernel Kernel CVE-2023-35824 I7EDYO 8.87 7.0 kernel Kernel CVE-2023-3159 I7BYU9 18.87 6.7 kernel Kernel CVE-2023-2831 I7E5GS 24.87 6.5 python-markdown Programming-language CVE-2023-34462 I7F2UM 28.87 6.5 netty3 sig-Java CVE-2023-34462 I7F2UK 28.87 6.5 netty sig-Java CVE-2023-34256 I79X88 5.37 5.5 kernel Kernel CVE-2023-3006 I79V8S 5.87 5.5 kernel Kernel CVE-2023-3161 I7C2TM 19.87 5.5 kernel Kernel CVE-2023-35789 I7E6MJ 24.87 5.5 librabbitmq Runtime CVE-2023-3220 I7F2UT 25.37 5.5 kernel Kernel CVE-2023-34474 I7CVWI 25.37 5.5 ImageMagick Others CVE-2023-34475 I7CVWD 25.37 5.5 ImageMagick Others CVE-2023-3195 I7CSX1 25.37 5.5 ImageMagick Others CVE-2023-36191 I7FEZH 28.37 5.5 sqlite DB CVE-2023-2455 I72FSG 14.46 5.4 libpq DB CVE-2023-2455 I72FSD 14.87 5.4 postgresql DB CVE-2023-31437 I7DKSG 21.87 5.3 systemd Base-service CVE-2023-31438 I7DKSF 21.87 5.3 systemd Base-service CVE-2023-2860 I7ASU6 9.71 4.4 kernel Kernel CVE-2023-34247 I7D9BK 21.87 4.1 openstack-keystone sig-openstack CVE-2023-2431 I7E4HS 26.79 3.4 kubernetes sig-CloudNative CVE-2022-29147 I7GX8H 26.87 3.1 qt5-qtwebengine Others
openEuler 社区指导文档及开放平台链接:
openEuler 版本分支维护规范: https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%8... openEuler release-management 版本分支PR指导: https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%8... 社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/master/%E7%A4%BE%E5%8C%BA%E7%89%88%E6%9C... 社区QA 测试平台 radiates https://radiatest.openeuler.orghttps://radiatest.openeuler.org/