openEuler update_20230906版本发布公告 - Release

9 Sep 2023


      主题     :      openEuler update_2023    0906    版本发布公告               Dear all    ，                经社区    Release SIG    、    QA SIG    及     CICD SIG     评估，    openEuler-20.03-LTS-SP1    、    openEuler-20.03-LTS-SP3    、    openEuler-22.03-LTS    、    openEuler-22.03-LTS-SP1    及    openEuler-22.03-LTS-SP2 update    版本满足版本出口质量，现进行发布公示。      本公示分为七部分：      1    、    openEuler-20.03-LTS-SP1 Update 2023    0906    发布情况及待修复缺陷      2    、    openEuler-20.03-LTS-SP3 Update 2023    0906    发布情况及待修复缺陷               3    、    openEuler-22.03-LTS Update 2023    0906    发布情况及待修复缺陷      4    、    openEuler-22.03-LTS-SP1 Update 2023    0906    发布情况及待修复缺陷      5    、    openEuler-22.03-LTS-SP2 Update 2023    0906    发布情况及待修复缺陷      6    、    openEuler     关键组件待修复    CVE     清单      7    、    openEuler     社区指导文档及开放平台链接      本次    update    版本发布后，下一个版本里程碑点（预计在    2023/09/16    ）提供     update_20230913     版本。                openEuler-20.03-LTS-SP1 Update 2023     0906       经各    SIG    及社区开发者贡献，本周    openEuler-20.03-LTS-SP1    修复版本已知问题4个，已知漏洞16个。目前版本分支剩余待修复缺陷    24    个，缺陷    /    漏洞统计详见清单，缺陷    /    漏洞问题详见各软件包源码仓库                openEuler-20.03-LTS-SP1 Update     版本     CVE     修复             及     Bugfix list     公示链接：        https://gitee.com/openeuler/release-management/issues/I7Y6TN?from=project-is...                 CVE修复：            CVE       仓库       score        CVE-2023-28879      ghostscript       9.8        CVE-2023-36664      ghostscript       9.8        CVE-2022-48565      python3       9.8        CVE-2022-31631      php       8.8        CVE-2023-0568      php       8.1        CVE-2023-37369      qt5-qtbase       7.5        CVE-2023-0662      php       7.5        CVE-2022-40090      libtiff      6.5       CVE-2023-0567      php      6.2       CVE-2023-28711      hyperscan      5.5       CVE-2023-3823      php      5.5       CVE-2023-3824      php      5.5       CVE-2023-38559      ghostscript      5.5       CVE-2022-48064      binutils      5.5       CVE-2023-39128      gdb      5.5       CVE-2023-3247      php      3.0           Bugfix：           issue       仓库        #I7YPBI:openEuler 20.03 SP1、20.03 SP3、22.03 LTS和22.03 SP1版本配置metalink      openEuler-repos       #I7UVFT: 创建多个ipv6地址，使用nping命令coredump      nmap       #I7VU25:【20.03 LTS SP1 】poppler子包从0.67.0-8版本向0.90.0-2版本升级有冲突      poppler       #I7UG7O:wpebackend-fdo组件的changelog首行末尾版本号与release对应的版本号不符      wpebackend-fdo           openEuler-20.03-LTS-SP1     版本编译构建信息查询链接：        https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1        https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol                 openEuler-20.03-LTS-SP1 Update     版本             发布源链接：        https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/        https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/        https://repo.openeuler.org/openEuler-20.03-LTS-SP1/docker_img/update/                 openEuler CVE      及安全公告公示链接：        https://www.openeuler.org/zh/security/cve/        https://www.openeuler.org/zh/security/safety-bulletin/        https://repo.openeuler.org/security/data/cvrf/                 openEuler-20.03-LTS-SP1 Update     版本待修复问题清单公示     (     任务     ID     标注红色的问题单优先级高     )     ：              里程碑       任务ID       任务标题       优先级       sig组       关联仓库       任务路径        openEuler 20.03LTS SP1 update2103       I3E5C1       【20.03-SP1】【arm/x86】服务启动失败      主要      regression-failed      src-openEuler/hadoop       https://gitee.com/open_euler/dashboard?issue_id=I3E5C1        openEuler 20.03LTS SP1 update210901       I48GIM       【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败      主要      sig-oVirt      src-openEuler/ovirt-cockpit-sso       https://gitee.com/open_euler/dashboard?issue_id=I48GIM        openEuler 20.03-LTS-SP1       I4J0OY       【20.03 SP1】【arm/x86】安装好libdap后，getdap4命令的-i和-k参数使用异常      主要      sig/sig-recycle      src-openEuler/libdap       https://gitee.com/open_euler/dashboard?issue_id=I4J0OY        openEuler 20.03-LTS-SP1       I4JMG4       【20.03 SP1】【arm/x86】robotframework包的三个命令：libdoc、rebot、robot执行--help/-h/-?/--version，查看帮助信息和版本信息，返回值为251      主要      sig/sig-ROS      src-openEuler/python-robotframework       https://gitee.com/open_euler/dashboard?issue_id=I4JMG4        openEuler 20.03-LTS-SP1       I5DLX7       [20.03 22.03] 管理员指南操作文档mysql服务搭建指导文档有误      主要      sig/doc      openEuler/docs       https://gitee.com/open_euler/dashboard?issue_id=I5DLX7        openEuler-20.03-LTS-SP1       I7XX6A       【20.03 LTS SP1 update20230830】【arm\x86】java-latest-openjdk-headless和java-latest-openjdk-devel安装失败      主要      sig/Compiler      src-openEuler/openjdk-latest       https://gitee.com/open_euler/dashboard?issue_id=I7XX6A        openEuler-20.03-LTS-SP1 update20230906       I7ZHSX       【20.03 LTS SP1 update20230906】【arm\x86】java-1.8.0-openjdk子包全量升级失败      主要      sig/Compiler      src-openEuler/openjdk-1.8.0       https://gitee.com/open_euler/dashboard?issue_id=I7ZHSX        openEuler 20.03-LTS-SP1      I6VFAE      [20.03 SP1] [x86/arm] mariadb授权给远程用户，远程连接服务失败      次要      sig/DB      src-openEuler/mariadb       https://gitee.com/open_euler/dashboard?issue_id=I6VFAE        openEuler 20.03-LTS-SP1      I7ZNHN      【openEuler-20.03-LTS-SP1 update0906】【arm/x86】在虚拟机中创建转测版本docker，安装selinux-policy（默认未安装），selinux状态由Disabled变为Permissive      次要      sig/sig-security-fac      src-openEuler/selinux-policy       https://gitee.com/open_euler/dashboard?issue_id=I7ZNHN        openEuler 20.03-LTS-SP1      I7ZOX9      【20.03 LTS SP1】【arm/x86】 qdbuscpp2xml-qt5的help信息名称不一致      次要      sig/Programming-lang      src-openEuler/qt5-qtbase       https://gitee.com/open_euler/dashboard?issue_id=I7ZOX9        openEuler-20.03-LTS-SP1      I3QGU7      系统不支持GB18030      无优先级      sig/TC      openEuler/community       https://gitee.com/open_euler/dashboard?issue_id=I3QGU7        openEuler 20.03LTS SP1 update210926      I4CMSV      【20.03-LTS-SP1】【arm/x86】搭建Kubernetes 集群缺少包etcd      无优先级      sig/TC      openEuler/community       https://gitee.com/open_euler/dashboard?issue_id=I4CMSV        openEuler 20.03-LTS-SP1      I4G4A5      Undefine-shift in _bfd_safe_read_leb128      无优先级      sig/Base-service      src-openEuler/binutils       https://gitee.com/open_euler/dashboard?issue_id=I4G4A5        openEuler 20.03-LTS-SP1      I4G4B1      Integer overflow in print_vms_time      无优先级      sig/Base-service      src-openEuler/binutils       https://gitee.com/open_euler/dashboard?issue_id=I4G4B1        openEuler 20.03-LTS-SP1      I4G4VY      memleak in parse_gnu_debugaltlink      无优先级      sig/Base-service      src-openEuler/binutils       https://gitee.com/open_euler/dashboard?issue_id=I4G4VY        openEuler 20.03-LTS-SP1      I4G4WF      Heap-buffer-overflow in slurp_hppa_unwind_table      无优先级      sig/Base-service      src-openEuler/binutils       https://gitee.com/open_euler/dashboard?issue_id=I4G4WF        openEuler 20.03-LTS-SP1      I4G4WW      Use-after-free in make_qualified_name      无优先级      sig/Base-service      src-openEuler/binutils       https://gitee.com/open_euler/dashboard?issue_id=I4G4WW        openEuler 20.03-LTS-SP1      I4G4X6      memleak in byte_get_little_endian      无优先级      sig/Base-service      src-openEuler/binutils       https://gitee.com/open_euler/dashboard?issue_id=I4G4X6        openEuler 20.03-LTS-SP1      I4G4XF      memleak in process_mips_specific      无优先级      sig/Base-service      src-openEuler/binutils       https://gitee.com/open_euler/dashboard?issue_id=I4G4XF        openEuler 20.03-LTS-SP1      I4G4Y0      out-of-memory in vms_lib_read_index      无优先级      sig/Base-service      src-openEuler/binutils       https://gitee.com/open_euler/dashboard?issue_id=I4G4Y0        openEuler 20.03-LTS-SP1      I4G4YJ      Heap-buffer-overflow in bfd_getl16      无优先级      sig/Base-service      src-openEuler/binutils       https://gitee.com/open_euler/dashboard?issue_id=I4G4YJ        openEuler 20.03-LTS-SP1      I4G4YV      Floating point exception in _bfd_vms_slurp_etir      无优先级      sig/Base-service      src-openEuler/binutils       https://gitee.com/open_euler/dashboard?issue_id=I4G4YV        openEuler 20.03LTS SP1 update220111      I4QV6N      【openEuler-20.03-LTS-SP1】flink命令执行失败       无优先级      sig/sig-ai-bigdata      src-openEuler/flink       https://gitee.com/open_euler/dashboard?issue_id=I4QV6N        openEuler-20.03-LTS-SP1-dailybuild      I5Y99T      mate-desktop install problem in openEuler:20:03:LTS:SP1      无优先级      sig/sig-mate-desktop      src-openEuler/mate-desktop       https://gitee.com/open_euler/dashboard?issue_id=I5Y99T            openEuler-20.03-LTS-SP3 Update 2023     0906       经各    SIG    及社区开发者贡献，本周    openEuler-20.03-LTS-SP3    修复版本已知问6个，已知漏洞    37    个。目前版本分支剩余待修复缺陷     8    个，缺陷    /    漏洞统计详见清单，缺陷    /    漏洞问题详见各软件包源码仓库                openEuler-20.03-LTS-SP3 Update     版本     CVE     修复             及     Bugfix list     公示链接：        https://gitee.com/openeuler/release-management/issues/I7Y6TP?from=project-is...                 CVE修复：            CVE       仓库       score        CVE-2023-28879      ghostscript       9.8        CVE-2023-36664      ghostscript       9.8        CVE-2022-48565      python3       9.8        CVE-2022-31631      php       8.8        CVE-2023-0568      php       8.1        CVE-2023-0662      php       7.5        CVE-2023-37369      qt5-qtbase       7.5        CVE-2020-23804      poppler       7.5        CVE-2023-21930      openjdk-latest       7.4        CVE-2022-31630      php       7.1        CVE-2022-40090      libtiff      6.5       CVE-2022-37051      poppler      6.5       CVE-2022-37050      poppler      6.5       CVE-2022-37052      poppler      6.5       CVE-2022-38349      poppler      6.5       CVE-2023-0567      php      6.2       CVE-2023-21954      openjdk-latest      5.9       CVE-2023-21967      openjdk-latest      5.9       CVE-2023-38559      ghostscript      5.5       CVE-2023-28711      hyperscan      5.5       CVE-2022-48064      binutils      5.5       CVE-2023-39128      gdb      5.5       CVE-2023-3824      php      5.5       CVE-2023-3823      php      5.5       CVE-2022-21549      openjdk-latest      5.3       CVE-2023-21835      openjdk-latest      5.3       CVE-2023-21830      openjdk-latest      5.3       CVE-2023-21939      openjdk-latest      5.3       CVE-2023-22041      openjdk-latest      5.1       CVE-2022-40433      openjdk-latest      3.9       CVE-2023-21843      openjdk-latest      3.7       CVE-2023-21968      openjdk-latest      3.7       CVE-2023-21938      openjdk-latest      3.7       CVE-2023-21937      openjdk-latest      3.7       CVE-2023-22045      openjdk-latest      3.7       CVE-2023-22006      openjdk-latest      3.1       CVE-2023-3247      php      3.0           Bugfix：           issue       仓库        #I7YPBI:openEuler 20.03 SP1、20.03 SP3、22.03 LTS和22.03 SP1版本配置metalink      openEuler-repos       #I7UVFT: 创建多个ipv6地址，使用nping命令coredump      nmap       #I7VU25:【20.03 LTS SP1 】poppler子包从0.67.0-8版本向0.90.0-2版本升级有冲突      poppler       #I7YXWB:【20.03 LTS SP3】llvm-bolt需要升级      llvm-bolt       #I7UG7O:wpebackend-fdo组件的changelog首行末尾版本号与release对应的版本号不符      wpebackend-fdo       #I7SHZP:【OLK-5.10】arm64 ci概率出现trace日志不记录      kernel              openEuler-20.03-LTS-SP3     版本编译构建信息查询链接：        https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3        https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol                 openEuler-20.03-LTS-SP3 Update     版本             发布源链接：        https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/        https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/        https://repo.openeuler.org/openEuler-20.03-LTS-SP3/docker_img/update/                 openEuler CVE     及安全公告公示链接：        https://www.openeuler.org/zh/security/cve/        https://www.openeuler.org/zh/security/safety-bulletin/        https://repo.openeuler.org/security/data/cvrf/                 openEuler-20.03-LTS-SP3 Update     版本待修复问题清单公示     (     任务     ID     标注红色的问题单优先级高     )     ：              里程碑       任务ID       任务标题       优先级       sig组       关联仓库       任务路径        openEuler 20.03-LTS-SP3       I5KXUY       【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败      主要      sig/oVirt      src-openEuler/ovirt-cockpit-sso       https://gitee.com/open_euler/dashboard?issue_id=I5KXUY        openEuler-20.03-LTS-SP3       I5KY4S       【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败，导致mom-vdsm.service服务无法启动成功      主要      sig/oVirt      src-openEuler/vdsm       https://gitee.com/open_euler/dashboard?issue_id=I5KY4S        openEuler-20.03-LTS-SP3 update20230906       I7ZHTJ       【20.03 LTS SP3 update20230906】【arm\x86】java-1.8.0-openjdk子包全量升级失败      主要      sig/Compiler      src-openEuler/openjdk-1.8.0       https://gitee.com/open_euler/dashboard?issue_id=I7ZHTJ        openEuler-20.03-LTS-SP3      I6VFMI      [20.03 SP3] [x86/arm] mariadb授权给远程用户，远程连接服务失败      次要      sig/DB      src-openEuler/mariadb      https://gitee.com/open_euler/dashboard?issue_id=I6VFMI       openEuler-20.03-LTS-SP3      I72HWV      【20.03-lts-sp3】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败      次要      sig/Base-service      src-openEuler/php      https://gitee.com/open_euler/dashboard?issue_id=I72HWV       openEuler-20.03-LTS-SP3      I7QP67      [20.03-LTS-SP3]openssh自编译失败，提示缺少bc命令      次要      sig/Base-service      src-openEuler/openEuler-release      https://gitee.com/open_euler/dashboard?issue_id=I7QP67       openEuler-20.03-LTS-SP3      I7ZOZZ      【20.03 LTS SP3】【arm/x86】 qdbuscpp2xml-qt5的help信息名称不一致      次要      sig/Programming-lang      src-openEuler/qt5-qtbase      https://gitee.com/open_euler/dashboard?issue_id=I7ZOZZ       openEuler 20.03LTS SP3 update220111      I4QV7S      【openEuler-20.03-LTS-SP3】flink run 命令执行失败      无优先级      sig/sig-ai-bigdata      src-openEuler/flink      https://gitee.com/open_euler/dashboard?issue_id=I4QV7S           openEuler-22.03-LTS Update 2023     0906       经各    SIG    及社区开发者贡献，本周    openEuler-22.03-LTS    修复版本已知问题6个，已知漏洞    41    个。目前版本分支剩余待修复缺陷6个，缺陷    /    漏洞统计详见清单，缺陷    /    漏洞问题详见各软件包源码仓库                openEuler-22.03-LTS Update     版本     CVE     修复             及     Bugfix list     公示链接：        https://gitee.com/openeuler/release-management/issues/I7Y6TQ?from=project-is...                 CVE修复：            CVE       仓库       score        CVE-2023-28879      ghostscript       9.8        CVE-2023-36664      ghostscript       9.8        CVE-2022-31631      php       8.8        CVE-2023-0568      php       8.1        CVE-2023-37369      qt5-qtbase       7.5        CVE-2020-23804      poppler       7.5        CVE-2023-0662      php       7.5        CVE-2023-21930      openjdk-latest       7.4        CVE-2023-3865      kernel       7.1        CVE-2023-4273      kernel      6.7       CVE-2022-37051      poppler      6.5       CVE-2022-37050      poppler      6.5       CVE-2022-37052      poppler      6.5       CVE-2022-38349      poppler      6.5       CVE-2022-40090      libtiff      6.5       CVE-2023-1972      binutils      6.5       CVE-2023-0567      php      6.2       CVE-2023-21954      openjdk-latest      5.9       CVE-2023-21967      openjdk-latest      5.9       CVE-2023-3866      kernel      5.9       CVE-2023-39128      gdb      5.5       CVE-2023-38559      ghostscript      5.5       CVE-2023-28711      hyperscan      5.5       CVE-2023-4132      kernel      5.5       CVE-2022-4285      binutils      5.5       CVE-2022-48064      binutils      5.5       CVE-2023-3824      php      5.5       CVE-2023-3823      php      5.5       CVE-2022-21549      openjdk-latest      5.3       CVE-2023-21835      openjdk-latest      5.3       CVE-2023-21830      openjdk-latest      5.3       CVE-2023-21939      openjdk-latest      5.3       CVE-2023-22041      openjdk-latest      5.1       CVE-2022-40433      openjdk-latest      3.9       CVE-2023-21843      openjdk-latest      3.7       CVE-2023-21968      openjdk-latest      3.7       CVE-2023-21938      openjdk-latest      3.7       CVE-2023-21937      openjdk-latest      3.7       CVE-2023-22045      openjdk-latest      3.7       CVE-2023-22006      openjdk-latest      3.1       CVE-2023-3247      php      3.0           Bugfix：           issue       仓库        #I7SOHC:上游社区补丁分析回合      grub2       #I7YPBI:openEuler 20.03 SP1、20.03 SP3、22.03 LTS和22.03 SP1版本配置metalink      openEuler-repos       #I7TFS0:edk2组件的各个子包在202011-12版本丢失changelog信息，202011-11版本存在changelog      edk2       #I7UVFT: 创建多个ipv6地址，使用nping命令coredump      nmap       #I7UG7O:wpebackend-fdo组件的changelog首行末尾版本号与release对应的版本号不符      wpebackend-fdo       #I7LJO8:【OLK 5.10】dm_pool_dec_data_range()默认返回值变化可能导致discard失败      kernel           openEuler-22.03-LTS     版本编译构建信息查询链接：        https://build.openeuler.org/project/show/openEuler:22.03:LTS        https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol                 openEuler-22.03-LTS Update     版本             发布源链接：        https://repo.openeuler.org/openEuler-22.03-LTS/update/        https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/        https://repo.openeuler.org/openEuler-22.03-LTS/docker_img/update/        https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Ope...        https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Ope...        https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/obs...                 openEuler CVE      及             安全公告公示链接：        https://www.openeuler.org/zh/security/cve/        https://www.openeuler.org/zh/security/safety-bulletin/        https://repo.openeuler.org/security/data/cvrf/                 openEuler-22.03-LTS Update     版本待修复问题清单公示     (     任务     ID     标注红色的问题单优先级高     )     ：              里程碑       任务ID       任务标题       优先级       sig组       关联仓库       任务路径        openEuler-22.03-LTS update20230726       I7ORCE       【22.03 LTS update20230726】【arm\x86】selinux-policy-base的版本不符合ceph子包的安装条件，ceph子包安装失败; cephadm卸载有异常打印      主要      sig/sig-SDS      src-openEuler/ceph      https://gitee.com/open_euler/dashboard?issue_id=I7ORCE       openEuler-22.03-LTS       I7XWWC       【22.03 LTS update20230830】【arm\x86】java-1.8.0-openjdk子包全量升级失败      主要      sig/Compiler      src-openEuler/openjdk-1.8.0      https://gitee.com/open_euler/dashboard?issue_id=I7XWWC       openEuler-22.03-LTS      I596H5      openEuler官网中安全加固指南模块—>;加固指导—>;系统服务—>;ssh加固项说明：加固建议中多添加了@符号      次要      sig/doc      openEuler/docs      https://gitee.com/open_euler/dashboard?issue_id=I596H5       openEuler-22.03-LTS      I6VFRX      [22.03-LTS][x86/arm]mariadb授权给远程用户，远程连接服务失败      次要      sig/DB      src-openEuler/mariadb      https://gitee.com/open_euler/dashboard?issue_id=I6VFRX       openEuler-22.03-LTS      I72N5G      【22.03-lts】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败      次要      sig/Base-service      src-openEuler/php      https://gitee.com/open_euler/dashboard?issue_id=I72N5G       openEuler-22.03-LTS      I7ZP1J      【22.03 LTS】【arm/x86】 qdbuscpp2xml-qt5的help信息名称不一致      次要      sig/Programming-lang      src-openEuler/qt5-qtbase      https://gitee.com/open_euler/dashboard?issue_id=I7ZP1J           openEuler-22.03-LTS-SP1 Update 2023     0906       经各    SIG    及社区开发者贡献，本周    openEuler-22.03-LTS-SP1    修复版本已知问题9个，已知漏洞    52    个。目前版本分支剩余待修复缺陷13个，缺陷    /    漏洞统计详见清单，缺陷    /    漏洞问题详见各软件包源码仓库                openEuler-22.03-LTS SP1 Update     版本     CVE     修复             及     Bugfix list     公示链接：        https://gitee.com/openeuler/release-management/issues/I7Y6TM?from=project-is...                 CVE修复：            CVE       仓库       score        CVE-2023-28879      ghostscript       9.8        CVE-2023-36664      ghostscript       9.8        CVE-2022-31631      php       8.8        CVE-2023-0568      php       8.1        CVE-2023-36328      libtommath       7.8        CVE-2023-37369      qt5-qtbase       7.5        CVE-2023-0662      php       7.5        CVE-2022-40433      openjdk-11       7.5        CVE-2023-21930      openjdk-latest       7.4        CVE-2023-3865      kernel       7.1        CVE-2023-4273      kernel      6.7       CVE-2023-1972      binutils      6.5       CVE-2022-40090      libtiff      6.5       CVE-2023-0567      php      6.2       CVE-2023-21954      openjdk-latest      5.9       CVE-2023-21967      openjdk-latest      5.9       CVE-2023-21954      openjdk-11      5.9       CVE-2023-21967      openjdk-11      5.9       CVE-2023-3866      kernel      5.9       CVE-2023-22043      openjdk-latest      5.9       CVE-2023-28711      hyperscan      5.5       CVE-2023-38559      ghostscript      5.5       CVE-2022-4285      binutils      5.5       CVE-2022-48064      binutils      5.5       CVE-2023-39128      gdb      5.5       CVE-2023-4132      kernel      5.5       CVE-2022-21549      openjdk-latest      5.3       CVE-2023-21835      openjdk-latest      5.3       CVE-2023-21830      openjdk-latest      5.3       CVE-2023-21939      openjdk-latest      5.3       CVE-2023-21835      openjdk-11      5.3       CVE-2023-21939      openjdk-11      5.3       CVE-2023-22041      openjdk-latest      5.1       CVE-2023-22041      openjdk-11      5.1       CVE-2022-40433      openjdk-latest      3.9       CVE-2023-21843      openjdk-latest      3.7       CVE-2023-21968      openjdk-latest      3.7       CVE-2023-21938      openjdk-latest      3.7       CVE-2023-21937      openjdk-latest      3.7       CVE-2023-22045      openjdk-latest      3.7       CVE-2023-21843      openjdk-11      3.7       CVE-2023-21968      openjdk-11      3.7       CVE-2023-21938      openjdk-11      3.7       CVE-2023-21937      openjdk-11      3.7       CVE-2023-22036      openjdk-11      3.7       CVE-2023-22045      openjdk-11      3.7       CVE-2023-22049      openjdk-11      3.7       CVE-2023-22044      openjdk-latest      3.7       CVE-2023-22049      openjdk-latest      3.7       CVE-2023-22036      openjdk-latest      3.7       CVE-2023-22006      openjdk-latest      3.1       CVE-2023-22006      openjdk-11      3.1           Bugfix：           issue       仓库        #I7SOHC:上游社区补丁分析回合      grub2       #I7YPBI:openEuler 20.03 SP1、20.03 SP3、22.03 LTS和22.03 SP1版本配置metalink      openEuler-repos       #I7UVFT: 创建多个ipv6地址，使用nping命令coredump      nmap       #I7YY7S:【22.03 LTS SP1】llvm-bolt需要升级      llvm-bolt       #I7UG7O:wpebackend-fdo组件的changelog首行末尾版本号与release对应的版本号不符      wpebackend-fdo       #I7VR9G:网络域开源组件json-c回合上游社区补丁      json-c       #I7JD72:crash工具无法正常解析ARM V8以上新增的指令集      crash       #I7XVQD:【OLK 5.10】并发创建使用dm设备触发空指针解引用      kernel       #I7UYMV:更新gazelle的1.0.2版本源码包      gazelle           openEuler-22.03-LTS SP1     版本编译构建信息查询链接：        https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1        https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1:Epo...                 openEuler-22.03-LTS SP1 Update     版本             发布源链接：        https://repo.openeuler.org/openEuler-22.03-LTS-SP1/update/        https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/main/        https://repo.openeuler.org/openEuler-22.03-LTS-SP1/docker_img/update/        https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_version...        https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_version...        https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_version...                 openEuler CVE      及             安全公告公示链接：        https://www.openeuler.org/zh/security/cve/        https://www.openeuler.org/zh/security/safety-bulletin/        https://repo.openeuler.org/security/data/cvrf/                 openEuler-22.03-LTS-SP1 Update     版本待修复问题清单公示     (     任务     ID     标注红色的问题单优先级高     )     ：              里程碑       任务ID       任务标题       优先级       sig组       关联仓库       任务路径        openEuler 22.03-SP1       I6B4V1       【22.03 SP1 update 20230118】【arm】libhdfs在arm架构降级失败，x86正常      主要      sig/bigdata      src-openEuler/hadoop      https://gitee.com/open_euler/dashboard?issue_id=I6B4V1       openEuler-22.03-LTS-SP1       I7LW30       【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in wide_int_to_tree_1, at tree.c:1575)      主要      sig/Compiler      openEuler/gcc      https://gitee.com/open_euler/dashboard?issue_id=I7LW30       openEuler-22.03-LTS-SP1       I7LWCW       【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:internal compiler error: Segmentation fault      主要      sig/Compiler      openEuler/gcc      https://gitee.com/open_euler/dashboard?issue_id=I7LWCW       openEuler-22.03-LTS-SP1       I7LWK7       【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4394)      主要      sig/Compiler      openEuler/gcc      https://gitee.com/open_euler/dashboard?issue_id=I7LWK7       openEuler-22.03-LTS-SP1       I7LWO1       【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during RTL pass: expand(in convert_move, at expr.c:219)      主要      sig/Compiler      openEuler/gcc      https://gitee.com/open_euler/dashboard?issue_id=I7LWO1       openEuler-22.03-LTS-SP1       I7LX07       【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4379)      主要      sig/Compiler      openEuler/gcc      https://gitee.com/open_euler/dashboard?issue_id=I7LX07       openEuler-22.03-LTS-SP1 update20230726       I7OR2I       【22.03 LTS SP1 update20230726】【arm\x86】selinux-policy-base的版本不符合ceph子包的安装条件，ceph子包安装失败      主要      sig/sig-SDS      src-openEuler/ceph      https://gitee.com/open_euler/dashboard?issue_id=I7OR2I       openEuler-22.03-LTS-SP1       I7XWXQ       【22.03 LTS SP1 update20230830】【arm\x86】java-1.8.0-openjdk子包全量升级失败      主要      sig/Compiler      src-openEuler/openjdk-1.8.0      https://gitee.com/open_euler/dashboard?issue_id=I7XWXQ       openEuler-20.03-LTS-SP1 update20230906       I7ZHSX       【20.03 LTS SP1 update20230906】【arm\x86】java-1.8.0-openjdk子包全量升级失败      主要      sig/Compiler      src-openEuler/openjdk-1.8.0      https://gitee.com/open_euler/dashboard?issue_id=I7ZHSX       openEuler-22.03-LTS-SP1      I6VFV6      [22.03 SP1] [x86/arm] mariadb授权给远程用户，远程连接服务失败      次要      sig/DB      src-openEuler/mariadb      https://gitee.com/open_euler/dashboard?issue_id=I6VFV6       openEuler-22.03-LTS-SP1      I73CKF      【22.03-lts-sp1】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败      次要      sig/Base-service      src-openEuler/php      https://gitee.com/open_euler/dashboard?issue_id=I73CKF       openEuler-22.03-LTS-SP1      I7ZP3M      【22.03 LTS SP1】【arm/x86】 qdbuscpp2xml-qt5的help信息名称不一致      次要      sig/Programming-lang      src-openEuler/qt5-qtbase      https://gitee.com/open_euler/dashboard?issue_id=I7ZP3M       openEuler-20.03-LTS-SP1-dailybuild      I5Y99T      mate-desktop install problem in openEuler:20:03:LTS:SP1      无优先级      sig/sig-mate-desktop      src-openEuler/mate-desktop      https://gitee.com/open_euler/dashboard?issue_id=I5Y99T           openEuler-22.03-LTS-SP2 Update 2023     0906       经各    SIG    及社区开发者贡献，本周    openEuler-22.03-LTS-SP2    修复版本已知问题6个，已知漏洞50个。目前版本分支剩余待修复缺陷4个，缺陷    /    漏洞统计详见清单，缺陷    /    漏洞问题详见各软件包源码仓库                openEuler-22.03-LTS-SP2 Update     版本     CVE     修复             及     Bugfix list     公示链接：        https://gitee.com/openeuler/release-management/issues/I7Y6TK?from=project-is...                 CVE修复：            CVE       仓库       score        CVE-2023-28879      ghostscript       9.8        CVE-2023-36664      ghostscript       9.8        CVE-2023-37369      qt5-qtbase       7.5        CVE-2020-23804      poppler       7.5        CVE-2022-40433      openjdk-11       7.5        CVE-2023-21930      openjdk-11       7.4        CVE-2023-3865      kernel       7.1        CVE-2023-4273      kernel      6.7       CVE-2022-37051      poppler      6.5       CVE-2022-37050      poppler      6.5       CVE-2022-37052      poppler      6.5       CVE-2022-38349      poppler      6.5       CVE-2022-40090      libtiff      6.5       CVE-2023-1972      binutils      6.5       CVE-2023-21954      openjdk-latest      5.9       CVE-2023-21954      openjdk-11      5.9       CVE-2023-21967      openjdk-11      5.9       CVE-2023-3866      kernel      5.9       CVE-2023-28711      hyperscan      5.5       CVE-2023-39128      gdb      5.5       CVE-2023-38559      ghostscript      5.5       CVE-2022-4285      binutils      5.5       CVE-2022-48064      binutils      5.5       CVE-2023-4132      kernel      5.5       CVE-2023-3824      php      5.5       CVE-2023-3823      php      5.5       CVE-2022-21549      openjdk-latest      5.3       CVE-2023-21835      openjdk-latest      5.3       CVE-2023-21830      openjdk-latest      5.3       CVE-2023-21939      openjdk-latest      5.3       CVE-2023-21835      openjdk-11      5.3       CVE-2023-21939      openjdk-11      5.3       CVE-2023-22041      openjdk-latest      5.1       CVE-2023-22041      openjdk-11      5.1       CVE-2022-40433      openjdk-latest      3.9       CVE-2023-21843      openjdk-latest      3.7       CVE-2023-21968      openjdk-latest      3.7       CVE-2023-21938      openjdk-latest      3.7       CVE-2023-21937      openjdk-latest      3.7       CVE-2023-22045      openjdk-latest      3.7       CVE-2023-21843      openjdk-11      3.7       CVE-2023-21968      openjdk-11      3.7       CVE-2023-21938      openjdk-11      3.7       CVE-2023-21937      openjdk-11      3.7       CVE-2023-22036      openjdk-11      3.7       CVE-2023-22045      openjdk-11      3.7       CVE-2023-22049      openjdk-11      3.7       CVE-2023-22006      openjdk-latest      3.1       CVE-2023-22006      openjdk-11      3.1       CVE-2023-3247      php      3.0           Bugfix：           issue       仓库        #I7SOHC:上游社区补丁分析回合      grub2       #I7XIHZ:安装libvirt*，ping操作提示“sendmsg: Operation not permitted”      ebtables       #I7UVFT: 创建多个ipv6地址，使用nping命令coredump      nmap       #I7YY6C:【22.03 LTS SP2】llvm-bolt需要升级      llvm-bolt       #I7UG7O:wpebackend-fdo组件的changelog首行末尾版本号与release对应的版本号不符      wpebackend-fdo       #I7VR9G:网络域开源组件json-c回合上游社区补丁      json-c           openEuler-22.03-LTS SP2     版本编译构建信息查询链接：        https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2        https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2:Epo...                 openEuler-22.03-LTS SP2 Update     版本             发布源链接：        https://repo.openeuler.org/openEuler-22.03-LTS-SP2/update/        https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/main/        https://repo.openeuler.org/openEuler-22.03-LTS-SP2/hotpatch_update/        https://repo.openeuler.org/openEuler-22.03-LTS-SP2/docker_img/update/        https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_version...        https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_version...                 openEuler CVE      及             安全公告公示链接：        https://www.openeuler.org/zh/security/cve/        https://www.openeuler.org/zh/security/safety-bulletin/        https://repo.openeuler.org/security/data/cvrf/        https://repo.openeuler.org/security/data/hotpatch_cvrf/                 openEuler-22.03-LTS-SP2 Update     版本待修复问题清单公示     (     任务     ID     标注红色的问题单优先级高     )     ：              里程碑       任务ID       任务标题       优先级       sig组       关联仓库       任务路径        openEuler-22.03-LTS-SP2-round-2       I795G3       【22.03-LTS-SP2 round2】本次转测源中出现多个版本的containers-common      主要      sig/sig-CloudNative      src-openEuler/skopeo      https://gitee.com/open_euler/dashboard?issue_id=I795G3       openEuler-22.03-LTS-SP2-SEC       I7AFIR       【22.03-LTS-SP2 round2】【x86/arm】libkae-1.2.10-6.oe2203sp2安全编译选项Rpath/Runpath不满足      主要      sig-AccLib      src-openEuler/libkae      https://gitee.com/open_euler/dashboard?issue_id=I7AFIR       openEuler-22.03-LTS-SP2       I7XWZ2       【22.03 LTS SP2 update20230830】【arm\x86】java-1.8.0-openjdk子包全量升级失败      主要      sig/Compiler      src-openEuler/openjdk-1.8.0      https://gitee.com/open_euler/dashboard?issue_id=I7XWZ2       openEuler-22.03-LTS-SP2      I7ZP4V      【22.03 LTS SP2】【arm/x86】 qdbuscpp2xml-qt5的help信息名称不一致      次要      sig/Programming-lang      src-openEuler/qt5-qtbase      https://gitee.com/open_euler/dashboard?issue_id=I7ZP4V           社区待修复漏洞：       openEuler    社区根据漏洞严重等级采取差异化的修复策略，请各个    SIG     关注涉及    CVE    组件的修复情况。           严重等级（Severity Rating）       漏洞修复时长        致命（Critical）      7天       高（High）      14天       中（Medium）      30天       低（Low）      30天           可参考社区安全委员会漏洞：     https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE%E5%8C%BA%E6%B...                 近     14     天将超期     CVE     （     9.9     日数据）     :             漏洞编号       Issue ID       剩余天数       CVSS评分       软件包       责任SIG        CVE-2023-41910      I7YQBU      6.24       9.8       nodejs-with      sig-nodejs       CVE-2020-24165      I7WY1L      6.24       8.8       qemu      Virt       CVE-2023-4738      I7Y1XF      7.74       7.8       vim      Base-service       CVE-2023-4736      I7Y1XB      7.74       7.8       vim      Base-service       CVE-2023-4734      I7Y1WZ      7.74       7.8       vim      Base-service       CVE-2023-4752      I7YIF7      9.24       7.8       vim      Base-service       CVE-2023-4750      I7YIF0      9.24       7.8       vim      Base-service       CVE-2023-4751      I7YETA      9.24       7.8       vim      Base-service       CVE-2023-4781      I7YV9Y      10.74       7.8       vim      Base-service       CVE-2023-4623      I7Z7CD      11.24       7.8       kernel      Kernel       CVE-2023-4208      I7Z7CC      11.24       7.8       kernel      Kernel       CVE-2023-4206      I7Z7CB      11.24       7.8       kernel      Kernel       CVE-2023-4622      I7Z7C9      11.24       7.8       kernel      Kernel       CVE-2023-4244      I7Z7C3      11.24       7.8       kernel      Kernel       CVE-2023-4207      I7Z7BQ      11.24       7.8       kernel      Kernel       CVE-2023-4015      I7YIXO      11.24       7.8       kernel      Kernel       CVE-2023-3777      I7YIXI      11.24       7.8       kernel      Kernel       CVE-2023-39810      I7WN64      12.24       7.8       busybox      sig-CloudNative       CVE-2022-33275      I7YQAQ      13.24       7.8       nodejs-is      sig-nodejs       CVE-2021-34193      I7WN56      2.9       7.5       opensc      Base-service       CVE-2022-34038      I7V70G      4.24       7.5       etcd      sig-CloudNative       CVE-2023-39663      I7WZIV      5.67       7.5       mathjax      sig-UKUI       CVE-2023-3354      I7GURP      9.24       7.5       qemu      Virt       CVE-2023-20900      I7XLKS      11.24       7.5       open-vm-tools      sig/Virt       CVE-2023-4733      I7YIF8      9.24       7.3       vim      Base-service       CVE-2020-21528      I7V71T      13.46      5.9      nasm      Programming-language       CVE-2021-28429      I7SLVP      10.46      5.5      ffmpeg      sig-DDE       CVE-2023-4459      I7UWI8      12.46      5.5      kernel      Kernel       CVE-2023-4385      I7TT9F      13.46      5.5      kernel      Kernel       CVE-2023-40612      I7VHLO      13.93      5.3      openstack-horizon      sig-openstack       CVE-2023-28938      I7V4BK      11.82      4.4      mdadm      Storage       CVE-2020-21686      I7VCVA      12.74      4.3      nasm      Programming-language       CVE-2023-40027      I7TI35      6.46      3.7      openstack-keystone      sig-openstack           openEuler      社区指导文档及开放平台链接：                openEuler      版本分支维护规范：        https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%8...        openEuler release-management      版本分支     PR     指导：        https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%8...        社区     QA      版本测试提单规范        https://gitee.com/openeuler/QA/blob/master/%E7%A4%BE%E5%8C%BA%E7%89%88%E6%9C...        社区     QA      测试平台      radiates        https://radiatest.openeuler.org