[Release] openEuler update_20220829 版本发布公告

Dear all， 经社区Release SIG、QA SIG及 CICD SIG 评估，openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3及openEuler-22.03-LTS update版本满足版本出口质量，现进行发布公示。 本公示分为五部分： 1、openEuler-20.03-LTS-SP1 Update 20220829 发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20220829 发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20220829 发布情况及待修复缺陷 4、openEuler 关键组件待修复CVE 清单 5、openEuler 社区指导文档及开放平台链接 本次update版本发布后，下一个版本里程碑点（预计在2022/09/09）将会提供 update_20220905版本。

openEuler-20.03-LTS-SP1 Update 20220829 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP1修复版本已知缺陷9个，已知漏洞25个。目前版本分支剩余待修复缺陷73个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库

openEuler-20.03-LTS-SP1 Update版本CVE修复 及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I5OGI1?from=project-is...

CVE修复： CVE ID

软件包

CVSS评分

CVE-2021-4209

gnutls

6.5

CVE-2022-1462

kernel

6.3

CVE-2022-1729

kernel

6.2

CVE-2022-2503

kernel

6.7

CVE-2022-2586

kernel

6.7

CVE-2021-3975

libvirt

5.3

CVE-2022-24805

net-snmp

6.7

CVE-2022-24806

net-snmp

5.9

CVE-2022-24807

net-snmp

5.9

CVE-2022-24808

net-snmp

5.9

CVE-2022-24809

net-snmp

5.9

CVE-2022-24810

net-snmp

5.9

CVE-2021-20298

OpenEXR

7.5

CVE-2022-1049

pcs

8.8

CVE-2021-28861

python3

7.4

CVE-2020-28463

python-reportlab

6.5

CVE-2021-29477

redis6

8.8

CVE-2022-29154

rsync

7.4

CVE-2022-32743

samba

4.3

CVE-2021-20223

sqlite

9.8

CVE-2022-2923

vim

5.5

CVE-2022-2946

vim

7.8

CVE-2022-2980

vim

5.5

CVE-2022-3016

vim

7.8

CVE-2022-0135

virglrenderer

7.5

Bugfix： issue

仓库

#I5HBVE:【20.03 SP1】【arm/x86】指定atune-0.3-0.2版本安装时atune-db的版本不统一，出现冲突导致安装失败https://gitee.com/open_euler/dashboard?issue_id=I5HBVE

A-Tune

#I5O7EO:引入Epoch指令解决openslp软件包升级问题https://gitee.com/open_euler/dashboard?issue_id=I5O7EO

openslp

#I5O0T8:[Syzkaller] INFO: task hung in register_netdevice_notifierhttps://gitee.com/open_euler/dashboard?issue_id=I5O0T8

kernel

#I5OBUS:例行分析anaconda、grub2、libdnf软件包补丁https://gitee.com/open_euler/dashboard?issue_id=I5OBUS

grub2

#I5NF8Y:【22.09 RC2 】【x86 】fence_virtd.service服务stop失败，状态为failed（arm环境没有此问题）https://gitee.com/open_euler/dashboard?issue_id=I5NF8Y

fence-virt

#I5OURE:oec-hardware软件包在openEuler 20.03-SP1的版本升级https://gitee.com/open_euler/dashboard?issue_id=I5OURE

oec-hardware

#I5OYKP:20.03-SP1分支spec文件引入Epoch字段，解决changelog与spec文件不一致问题https://gitee.com/open_euler/dashboard?issue_id=I5OYKP

busybox

#I5P0QU:[20.03-LTS-SP1]libmodulemd增加对glib2>=2.62.5版本的安装依赖https://gitee.com/open_euler/dashboard?issue_id=I5P0QU

libmodulemd

#I5NUPT:注意spec中changelog撰写规范https://gitee.com/open_euler/dashboard?issue_id=I5NUPT

tpm2-tools

openEuler-20.03-LTS-SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol

openEuler-20.03-LTS-SP1 Update版本 发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/

openEuler CVE 及 安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/

openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示： 任务ID

任务标题

仓库

sig

I4M3KE

[20.03-lts-sp1]卸载abrt-addon-ccpp报错：Failed to disable unit: Unit file abrt-ccpp.service does not exist.

abrt

Application

I5DKCS

【20.03 LTS SP1】【arm/x86】安装munge之后，缺少/usr/sbin/create-munge-key文件导致服务启动失败

munge

Application

I5GT2K

【20.03-SP1】【arm/x86】pcp-system-tools包下的pcp-mpstat命令执行报错

pcp

Application

I4CJX9

[20.03-LTS-SP1] 389-ds-base包下的部分命令-v参数不显示版本号

three-eight-nine-ds-base

Application

I4CM78

[20.03-LTS-SP1]389-ds-base和389-ds-base-legacy-tools包的部分命令执行返回No instances found in /etc/sysconfig

three-eight-nine-ds-base

Application

I4CMKY

[20.03-LTS-SP1]389-ds-base-legacy-tools包中dn2rdn -v未正常返回版本信息

three-eight-nine-ds-base

Application

I4G5TL

stack-buffer-overflow in redisvFormatCommand

hiredis

Base-service

I4G5U2

AddressSanitizer CHECK failed in sdscatvprintf

hiredis

Base-service

I4G5UN

SEGV in redisvFormatCommand

hiredis

Base-service

I4G5WG

AddressSanitizer CHECK failed in sdscatlen

hiredis

Base-service

I4G5XO

Attempting free wild-addr in hi_free

hiredis

Base-service

I281C1

【fuzz】runtime error:

libsass

Base-service

I4KT2A

integer overflow in luaV_execute

lua

Base-service

I4KT3D

integer overflow in intarith

lua

Base-service

I4KT3Q

Division by zero in luaV_execute

lua

Base-service

I4KT40

Timeout in luaV_finishget

lua

Base-service

I4G4A5

Undefine-shift in _bfd_safe_read_leb128

binutils

Compiler

I4G4B1

Integer overflow in print_vms_time

binutils

Compiler

I4G4VY

memleak in parse_gnu_debugaltlink

binutils

Compiler

I4G4WF

Heap-buffer-overflow in slurp_hppa_unwind_table

binutils

Compiler

I4G4WW

Use-after-free in make_qualified_name

binutils

Compiler

I4G4X6

memleak in byte_get_little_endian

binutils

Compiler

I4G4XF

memleak in process_mips_specific

binutils

Compiler

I4G4Y0

out-of-memory in vms_lib_read_index

binutils

Compiler

I4G4YJ

Heap-buffer-overflow in bfd_getl16

binutils

Compiler

I4G4YV

Floating point exception in _bfd_vms_slurp_etir

binutils

Compiler

I56KUR

【SP1 update 20220506】mysql5包在x86架构下，本地使用rpmbuild编译失败

mysql5

DB

I4FRSL

Undefined-shift in bitset_set

augeas

Desktop

I4FT5J

Timeout in fa_from_re

augeas

Desktop

I4FT5U

stack overflow in fa_from_re

augeas

Desktop

I4FT61

stack overflow in re_case_expand

augeas

Desktop

I4FT67

memleaks in ref_make_ref

augeas

Desktop

I4FT6B

SEGV in re_case_expand

augeas

Desktop

I4FT6F

stack overflow in parse_concat_exp

augeas

Desktop

I4FT7B

stack overflow in calc_eclosure_iter

augeas

Desktop

I4FT8E

stack overflow in peek_token

augeas

Desktop

I4FT8P

stack overflow in parse_path_expr

augeas

Desktop

I4FT97

Out of memory in ns_from_locpath

augeas

Desktop

I4FT9A

SEGV in eval_expr

augeas

Desktop

I4FT9C

SEGV in tree_prev

augeas

Desktop

I4FT9G

stack overflow in check_expr

augeas

Desktop

I4FT9I

stack overflow in free_expr

augeas

Desktop

I4F8YQ

integer overflow in start_input_bmp

libjpeg-turbo

Desktop

I4F8ZI

heap-buffer-overflow in get_word_rgb_row

libjpeg-turbo

Desktop

I4F903

Unexpect-exit in start_input_tga

libjpeg-turbo

Desktop

I4F913

Timeout in tjDecompress2

libjpeg-turbo

Desktop

I5IG6K

【20.03-SP1】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败

opencryptoki

dev-utils

I4NNTR

[SP1][x86/arm]执行isula pull busybox,报错"fetch and parse manifest failed"

iSulad

iSulad

I4O16Z

【SP1_update/arm】安装kernel-4.19.90-2108版本有错误提示信息

kernel

Kernel

I5JNSL

【20.03 SP1 update 20220727】【arm】htcacheclean.service服务启动之后，日志中提示”Can't open PID file /run/httpd/htcacheclean/pid“

httpd

Networking

I43OSX

[clamav] 执行clamscan --statistics pcre命令会出现error，但是最终返回码为0

clamav

Others

I47I56

yum升级出现dkms的错误告警打印

dkms

Others

I4OLAW

【20.03-LTS-SP1】【arm/x86】gcc_secure脚本中的exclude字段判断它期望排除gcc包，但实际上它依然会影响到gcc的构建

gcc_secure

Others

I437CR

[SP1][arm/x86]obs-server包下11个服务启动关闭，出现报错

obs-server

Others

I437TW

obsservice启动失败

obs-server

Others

I42M57

【20.03-LTS-SP1】安装obs-api存在报错信息

obs-server

Others

I2AVD2

【20.03-LTS-SP1】obs-server包下的obs_admin命令执行报错

obs-server

Others

I48GIM

【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败

ovirt-cockpit-sso

oVirt

I5JHX2

【20.03 SP1 update 20220727】ovirt-engine在update 20220727版本安装失败

ovirt-engine

oVirt

I490MU

Uncaught exception in get_tokens_unprocessed

python-pygments

Programming-language

I4QV6N

【openEuler-20.03-LTS-SP1】flink命令执行失败

flink

sig-bigdata

I5IG1V

【20.03-SP1】【x86/arm】epol源下的efl、efl-devel软件包安装报错，gpg检查失败

efl

sig-compat-winapp

I5O40D

【20.03 SP1】linux-sgx-driver在20.03 SP1分支安装有异常告警

linux-sgx-driver

sig-confidential-computing

I4J0OY

【20.03 SP1】【arm/x86】安装好libdap后，getdap4命令的-i和-k参数使用异常

libdap

sig-recycle

I4JMG4

【20.03 SP1】【arm/x86】robotframework包的三个命令：libdoc、rebot、robot执行--help/-h/-?/--version，查看帮助信息和版本信息，返回值为251

python-robotframework

sig-ROS

I4K6R7

memleak in wrap_nettle_mpi_init

gnutls

sig-security-facility

I4K6UI

Timeout in _asn1_find_up

gnutls

sig-security-facility

I4K6ES

stack-buffer-overflow in UINT32_Marshal

libtpms

sig-security-facility

I4K6FU

global-buffer-overflow in Array_Marshal

libtpms

sig-security-facility

I44RHB

large loop in OBJ_obj2txt

openssl

sig-security-facility

I44RIX

large loop in bn_lshift_fixed_top

openssl

sig-security-facility

I5G81X

【20.03 SP1】selinux-policy卸载异常

selinux-policy

sig-security-facility

I4NO1Z

【SP1-arm/x86】openhpi升级有报错信息

openhpi

System-tool

openEuler-20.03-LTS-SP3 Update 20220829 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP3修复版本已知缺陷10个，已知漏洞26个。目前版本分支剩余待修复缺陷14个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库

openEuler-20.03-LTS-SP3 Update版本CVE修复 及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I5OGI2?from=project-is...

CVE修复： CVE ID

软件包

CVSS评分

CVE-2021-46829

gdk-pixbuf2

7.8

CVE-2021-4209

gnutls

6.5

CVE-2022-1462

kernel

6.3

CVE-2022-1729

kernel

6.2

CVE-2022-2503

kernel

6.7

CVE-2022-2586

kernel

6.7

CVE-2021-3975

libvirt

5.3

CVE-2022-24805

net-snmp

6.7

CVE-2022-24806

net-snmp

5.9

CVE-2022-24807

net-snmp

5.9

CVE-2022-24808

net-snmp

5.9

CVE-2022-24809

net-snmp

5.9

CVE-2022-24810

net-snmp

5.9

CVE-2021-20298

OpenEXR

7.5

CVE-2022-1049

pcs

8.8

CVE-2021-28861

python3

7.4

CVE-2020-28463

python-reportlab

6.5

CVE-2021-29477

redis6

8.8

CVE-2022-29154

rsync

7.4

CVE-2022-32743

samba

4.3

CVE-2021-20223

sqlite

9.8

CVE-2022-2923

vim

5.5

CVE-2022-2946

vim

7.8

CVE-2022-2980

vim

5.5

CVE-2022-3016

vim

7.8

CVE-2022-0135

virglrenderer

7.5

Bugfix： issue

仓库

#I5H31C:openEuler-20.03-LTS-SP1/2/3 需要libbpf升级至0.3版本https://gitee.com/open_euler/dashboard?issue_id=I5H31C

libbpf

#I5HBW3:【20.03 SP3】【arm/x86】指定atune-1.0.0-1版本安装时atune-db的版本不统一，出现冲突导致安装失败https://gitee.com/open_euler/dashboard?issue_id=I5HBW3

A-Tune

#I5O7EO:引入Epoch指令解决openslp软件包升级问题https://gitee.com/open_euler/dashboard?issue_id=I5O7EO

openslp

#I5OBUS:例行分析anaconda、grub2、libdnf软件包补丁https://gitee.com/open_euler/dashboard?issue_id=I5OBUS

grub2

#I5O0T8:[Syzkaller] INFO: task hung in register_netdevice_notifierhttps://gitee.com/open_euler/dashboard?issue_id=I5O0T8

kernel

#I4NFA9:【20.03-LTS-SP3】【arm/x86】fence_virtd.service服务stop失败https://gitee.com/open_euler/dashboard?issue_id=I4NFA9

fence-virt

#I5OUSA:oec-hardware软件包在openEuler 20.03-LTS-SP3的版本升级https://gitee.com/open_euler/dashboard?issue_id=I5OUSA

oec-hardware

#I5FL81:升级版本同步上游stable分支修改https://gitee.com/open_euler/dashboard?issue_id=I5FL81

lcr

#I5OYN4:20.03-SP3分支spec文件引入Epoch字段，解决changelog与spec文件不一致问题https://gitee.com/open_euler/dashboard?issue_id=I5OYN4

busybox

#I54MTP:【22.03-LTS】【arm/x86】lxc 软件包 "-?" 参数执行返回"invalid option"https://gitee.com/open_euler/dashboard?issue_id=I54MTP

lxc

openEuler-20.03-LTS-SP3版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol

openEuler-20.03-LTS-SP3 Update版本 发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/

openEuler CVE 及 安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/

openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示： 任务ID

任务标题

关联仓库

sig

I4OLHP

【20.03-LTS-SP3】【arm/x86】gcc_secure脚本中的exclude字段判断它期望排除gcc包，但实际上它依然会影响到gcc的构建

gcc_secure

Others

I4QV7S

【openEuler-20.03-LTS-SP3】flink run 命令执行失败

flink

sig-bigdata

I4RVHE

losetup : 当loop设备编号超过7位时，losetup命令无法操作该设备

util-linux

Base-service

I4UMEV

[openEuler 20.03-LTS SP3]openEuler开启crash_kexec_post_notifiers后，panic通知链无法完全遍历

kernel

Kernel

I5IGAS

【20.03-SP3】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败

opencryptoki

dev-utils

I5IGOR

【20.03-SP3】【x86/arm】epol源下的fluidsynth、fluidsynth-devel、fluidsynth-help软件包安装报错，gpg检查失败

fluidsynth

Application

I5JBJ9

【20.03 SP3_EPOL_update20220727】ovirt-engine-backend包卸载过程的告警信息需要优化

ovirt-engine

oVirt

I5JLNF

【20.03 SP3 update 20220727】【arm/x86】ovirt-websocket-proxy.service服务启动失败

ovirt-engine

oVirt

I5JLRQ

【20.03 SP3 update 20220727】【arm/x86】ovirt-engine-notifier.service服务启动失败

ovirt-engine

oVirt

I5KXUY

【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败

ovirt-cockpit-sso

oVirt

I5KY4S

【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败，导致mom-vdsm.service服务无法启动成功

vdsm

oVirt

I5LYJK

【20.03-sp3_update20220801】【x86】对内核版进行升级后，TCP_option_address安装异常

TCP_option_address

Kernel

I5NU6W

[20.03-LTS-SP3]dnf无法安装libtirpc-devel

dnf

sig-OS-Builder

I5P8S5

【20.03_SP3_update0831】【arm/x86】iSulad因缺少依赖导致无法安装

iSulad

iSulad

openEuler-22.03-LTS Update 20220829 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知缺陷8个，已知漏洞20个。目前版本分支剩余待修复缺陷15个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库

openEuler-22.03-LTS Update版本CVE修复 及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I5OGI3?from=project-is...

CVE修复： CVE ID

软件包

CVSS评分

CVE-2021-46829

gdk-pixbuf2

7.8

CVE-2021-4209

gnutls

6.5

CVE-2021-3975

libvirt

5.3

CVE-2022-24805

net-snmp

6.7

CVE-2022-24806

net-snmp

5.9

CVE-2022-24807

net-snmp

5.9

CVE-2022-24808

net-snmp

5.9

CVE-2022-24809

net-snmp

5.9

CVE-2022-24810

net-snmp

5.9

CVE-2022-1049

pcs

8.8

CVE-2021-28861

python3

7.4

CVE-2020-28463

python-reportlab

6.5

CVE-2021-29477

redis6

8.8

CVE-2022-29154

rsync

7.4

CVE-2022-32743

samba

4.3

CVE-2022-2923

vim

5.5

CVE-2022-2946

vim

7.8

CVE-2022-2980

vim

5.5

CVE-2022-3016

vim

7.8

CVE-2022-0135

virglrenderer

7.5

Bugfix： issue

仓库

#I5O7EO:引入Epoch指令解决openslp软件包升级问题https://gitee.com/open_euler/dashboard?issue_id=I5O7EO

openslp

#I4VDY7:【22.03 LTS-RC2 】【arm/x86 】fence_virtd.service服务stop失败，状态为failedhttps://gitee.com/open_euler/dashboard?issue_id=I4VDY7

fence-virt

#I5OUPN:oec-hardware软件包在openEuler 22.03 LTS的版本升级https://gitee.com/open_euler/dashboard?issue_id=I5OUPN

oec-hardware

#I5OBUS:例行分析anaconda、grub2、libdnf软件包补丁https://gitee.com/open_euler/dashboard?issue_id=I5OBUS

grub2

#I5FL81:升级版本同步上游stable分支修改https://gitee.com/open_euler/dashboard?issue_id=I5FL81

lcr

#I5OBVU: libxml2存在大量社区补丁待回合https://gitee.com/open_euler/dashboard?issue_id=I5OBVU

libxml2

#I54MTP:【22.03-LTS】【arm/x86】lxc 软件包 "-?" 参数执行返回"invalid option"https://gitee.com/open_euler/dashboard?issue_id=I54MTP

lxc

#I5NYY0:[Syzkaller] WARNING in sk_stream_kill_queueshttps://gitee.com/open_euler/dashboard?issue_id=I5NYY0

kernel

openEuler-22.03-LTS版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol

openEuler-22.03-LTS Update版本 发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Ope... https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Ope...

openEuler-22.03-LTS Update版本待修复问题清单公示： 任务ID

任务标题

关联仓库

sig

I51DP2

firefox浏览器无法播放音频和视频

firefox

Application

I5E2N2

【openEuler 22.03-LTS】5.10内核执行ltp用例出现softlockup问题

kernel

Kernel

I5F3QI

【openEuler22.03】【arm】ltp执行proc01用例失败

kernel

Kernel

I5G9CY

升级iinstall-scripts包会导致系统启动异常

install-scripts

sig-OS-Builder

I5JIA6

【22.03 LTS update 20220727】ovirt-engine在update 20220727版本安装失败

ovirt-engine

oVirt

I5JPII

【22.03_update20220727】【x86/arm】ovirt-engine源码包本地自编译失败，缺少编译依赖ovirt-jboss-modules-maven-plugin

ovirt-engine

oVirt

I5LKHK

glassfish-hk2 build problem in openEuler:22.03:LTS

glassfish-hk2

sig-Java

I5LKKX

libbluray build problem in openEuler:22.03:LTS

libbluray

Desktop

I5LKM6

libxshmfence build problem in openEuler:22.03:LTS

libxshmfence

Desktop

I5LKQ9

obs-server build problem in openEuler:22.03:LTS

obs-server

Others

I5LKR3

perl-Software-License build problem in openEuler:22.03:LTS

perl-Software-License

Programming-language

I5LKS8

rubygem-puma build problem in openEuler:22.03:LTS

rubygem-puma

sig-ruby

I5LKVE

socket_wrapper build problem in openEuler:22.03:LTS

socket_wrapper

Programming-language

I5LKY8

yaffs2 build problem in openEuler:22.03:LTS

yaffs2

sig-embedded

I5LKYU

zeromq build problem in openEuler:22.03:LTS

zeromq

dev-utils

社区待修复漏洞： openEuler社区根据漏洞严重等级采取差异化的修复策略，请各个SIG 关注涉及CVE组件的修复情况。

严重等级（Severity Rating）

漏洞修复时长

致命（Critical）

7天

高（High）

14天

中（Medium）

30天

低（Low）

30天

可参考社区安全委员会漏洞：https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE%E5%8C%BA%E6%B...

漏洞编号

Issue ID

剩余天数

CVSS评分

软件包

SIG

CVE-2022-37394

I5KGD4

0.29

3.3

openstack-nova

sig-openstack

CVE-2022-2639

I5KKF3

0.66

risc-v-kernel

sig-RISC-V

CVE-2022-2938

I5NJT2

3.69

7.8

risc-v-kernel

sig-RISC-V

CVE-2022-2959

I5NSE9

4.82

7

kernel

Kernel

CVE-2021-3701

I5NSED

4.82

8.1

python-ansible-runner

oVirt

CVE-2022-2959

I5NSEA

4.82

7

risc-v-kernel

sig-RISC-V

CVE-2022-2977

I5NWPR

5.32

7.8

kernel

Kernel

CVE-2017-13088

I5NX95

5.35

7

wpa_supplicant

Base-service

CVE-2022-2590

I5LAVB

5.42

risc-v-kernel

sig-RISC-V

CVE-2022-2978

I5NZ99

5.57

7.8

risc-v-kernel

sig-RISC-V

CVE-2020-27792

I5O0Y3

6.1

7.1

ghostscript

Base-service

CVE-2021-3481

I5O0ZQ

6.1

7.1

qt

Runtime

CVE-2021-35938

I5O3AR

6.3

7.8

rpm

Base-service

CVE-2021-35939

I5O3AM

6.3

7.8

rpm

Base-service

CVE-2021-25642

I5O6PU

7.05

8.8

hadoop

sig-bigdata

CVE-2022-2588

I5LJLV

7.05

risc-v-kernel

sig-RISC-V

CVE-2022-2586

I5LJKB

7.05

risc-v-kernel

sig-RISC-V

CVE-2022-2585

I5LJH5

7.05

risc-v-kernel

sig-RISC-V

CVE-2022-2719

I5LK5R

7.08

5.5

ImageMagick

Others

CVE-2020-19599

I5LYRL

8.67

binutils

Compiler

CVE-2020-19599

I5LYRN

8.67

mingw-binutils

sig-compat-winapp

CVE-2020-27834

I5M41P

9.38

zabbix

Base-service

CVE-2022-2503

I5M4ZO

9.5

6.7

kernel

Kernel

CVE-2022-20003

I5M548

9.56

kernel

Kernel

CVE-2022-25625

I5OPTX

11.04

8.8

pam

sig-security-facility

CVE-2020-35530

I5OUAF

11.34

7

LibRaw

Programming-language

CVE-2019-1010180

I5OX4N

12.05

7.8

crash

Base-service

CVE-2015-3254

I5MF05

12.46

thrift

Base-service

CVE-2022-2586

I5MEZD

12.46

6.7

kernel

Kernel

CVE-2014-3627

I5MF0I

12.46

hadoop

sig-bigdata

CVE-2015-1776

I5MF03

12.46

hadoop

sig-bigdata

CVE-2018-1263

I5MF00

12.46

hadoop

sig-bigdata

CVE-2018-1261

I5MEZZ

12.46

hadoop

sig-bigdata

CVE-2018-8008

I5MEZX

12.46

hadoop

sig-bigdata

CVE-2018-1002207

I5MEZW

12.46

hadoop

sig-bigdata

CVE-2018-1002206

I5MEZT

12.46

hadoop

sig-bigdata

CVE-2018-1002205

I5MEZS

12.46

hadoop

sig-bigdata

CVE-2018-1002202

I5MEZN

12.46

hadoop

sig-bigdata

CVE-2018-1002201

I5MEZM

12.46

hadoop

sig-bigdata

CVE-2018-1002204

I5MEZK

12.46

hadoop

sig-bigdata

CVE-2018-1002203

I5MEZI

12.46

hadoop

sig-bigdata

openEuler 社区指导文档及开放平台链接：

openEuler 版本分支维护规范： https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%8... openEuler release-management 版本分支PR指导： https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%8... 社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/839f952696f271f83c018ccf3218cf493b92d651... 社区QA 测试平台 radiates https://radiatest.openeuler.orghttps://radiatest.openeuler.org/

车明道（openEuler release SIG） Mobile: +86 15345431107 中国(China)-杭州(Hangzhou)-滨江区江淑路360号华为杭州研发中心 HUAWEI , Jiangshu Road., Binjiang District, Hangzhou, P.R.China E-mail: chemingdao@huawei.commailto:chemingdao@huawei.com [cid:image002.png@01D8BF01.09CC8320]Open Source OS for Digital Infrastructure

本邮件及其附件含有华为公司的保密信息，仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形 式使用（包括但不限于全部或部分地泄露、复制、或散发）本邮件中的信息。如果您错收了本邮件，请您立即电话 或邮件通知发件人并删除本邮件！ This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it