Sa-announce September 2022

sa-announce@openeuler.org

1 participants
3 discussions

openEuler update_20220919 版本发布公告
by chemingdao 24 Sep '22

24 Sep '22

Dear all，经社区Release SIG、QA SIG及 CICD SIG 评估，openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3及openEuler-22.03-LTS update版本满足版本出口质量，现进行发布公示。本公示分为五部分： 1、openEuler-20.03-LTS-SP1 Update 20220919发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20220919 发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20220919发布情况及待修复缺陷 4、openEuler 关键组件待修复CVE 清单 5、openEuler 社区指导文档及开放平台链接本次update版本发布后，下一个版本里程碑点（预计在2022/09/30）提供 update_20220926版本。 openEuler-20.03-LTS-SP1 Update 20220919 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP1修复版本已知问题11个，已知漏洞37个。目前版本分支剩余待修复缺陷67个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I5ROVZ?from=project-i… CVE修复： CVE 仓库 CVSS评分 CVE-2022-40674 expat 9.8 CVE-2022-36109 docker 6.3 CVE-2022-3202 kernel 7.1 CVE-2022-27664 golang 7.5 CVE-2022-2520 libtiff 6.5 CVE-2022-1292 linux-sgx 9.8 CVE-2022-0778 shim 7.5 CVE-2022-0322 kernel 5.5 CVE-2021-45868 kernel 5.5 CVE-2021-4157 kernel 5.9 CVE-2021-3894 kernel 5.5 CVE-2021-3712 shim 7.4 CVE-2021-3656 kernel 8.8 CVE-2021-3505 libtpms 5.5 CVE-2021-33503 python-pip 7.5 CVE-2021-23840 shim 7.5 CVE-2020-1971 shim 5.9 CVE-2020-15025 ntp 4.9 CVE-2020-14422 python-pip 5.9 CVE-2018-0732 shim 7.5 CVE-2017-3735 shim 5.3 CVE-2022-40320 libconfuse 8.8 CVE-2021-45105 log4j 7.5 CVE-2021-44832 log4j 6.6 CVE-2021-22918 nodejs 5.3 CVE-2021-20191 ansible 5.5 CVE-2020-1753 ansible 5.5 CVE-2020-1740 ansible 4.7 CVE-2020-1739 ansible 3.9 CVE-2020-1737 ansible 7.8 CVE-2020-1735 ansible 4.6 CVE-2020-10729 ansible 5.5 CVE-2020-10684 ansible 7.1 CVE-2019-14904 ansible 7.3 CVE-2022-2735 pcs 7.8 CVE-2021-44228 flink 10 CVE-2020-36403 htslib 8.8 Bugfix： issue 仓库 #I5RPNP:spec文件里recommend了help文件，事实上不需要该依赖<https://gitee.com/open_euler/dashboard?issue_id=I5RPNP> python3 #I5RPRZ:spec文件里recommend了help文件，事实上不需要该依赖<https://gitee.com/open_euler/dashboard?issue_id=I5RPRZ> libxml2 #I5QU41:安全扫描出postfix的许多文件需要对rpath进行处理<https://gitee.com/open_euler/dashboard?issue_id=I5QU41> postfix #I5NUO6:注意spec中changelog撰写规范<https://gitee.com/open_euler/dashboard?issue_id=I5NUO6> libproxy #I5QIKV:【20.03 SP1 update20220907】sgx-pck-id-retrieval-tool升级有Error信息<https://gitee.com/open_euler/dashboard?issue_id=I5QIKV> linux-sgx #I4M3KE:[20.03-lts-sp1]卸载abrt-addon-ccpp报错：Failed to disable unit: Unit file abrt-ccpp.service does not exist.<https://gitee.com/open_euler/dashboard?issue_id=I4M3KE> abrt #I4NO1Z:【SP1-arm/x86】openhpi升级有报错信息<https://gitee.com/open_euler/dashboard?issue_id=I4NO1Z> openhpi #I5RV05:spec文件里recommend了help文件，事实上不需要该依赖<https://gitee.com/open_euler/dashboard?issue_id=I5RV05> libseccomp #I5O7TI:【openEuler-20.03-LTS-SP1 】[arm/x86]traffic_layout remove core dump<https://gitee.com/open_euler/dashboard?issue_id=I5O7TI> trafficserver #I5QPB7:【openEuler-20.03-LTS-SP1】【arm/x86】passenger 软件包命令行执行报错<https://gitee.com/open_euler/dashboard?issue_id=I5QPB7> passenger #I5SEBM:update oec hardware version to 1.1.2-4<https://gitee.com/open_euler/dashboard?issue_id=I5SEBM> oec-hardware openEuler-20.03-LTS-SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol openEuler-20.03-LTS-SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I281C1 【fuzz】runtime error: libsass Base-service I437CR [SP1][arm/x86]obs-server包下11个服务启动关闭，出现报错 obs-server Others I43OSX [clamav] 执行clamscan --statistics pcre命令会出现error，但是最终返回码为0 clamav Others I44RHB large loop in OBJ_obj2txt openssl sig-security-facility I44RIX large loop in bn_lshift_fixed_top openssl sig-security-facility I47I56 yum升级出现dkms的错误告警打印 dkms Others I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I490MU Uncaught exception in get_tokens_unprocessed python-pygments Programming-language I4CJX9 [20.03-LTS-SP1] 389-ds-base包下的部分命令-v参数不显示版本号 three-eight-nine-ds-base Application I4CM78 [20.03-LTS-SP1]389-ds-base和389-ds-base-legacy-tools包的部分命令执行返回No instances found in /etc/sysconfig three-eight-nine-ds-base Application I4F8YQ integer overflow in start_input_bmp libjpeg-turbo Desktop I4F8ZI heap-buffer-overflow in get_word_rgb_row libjpeg-turbo Desktop I4F903 Unexpect-exit in start_input_tga libjpeg-turbo Desktop I4F913 Timeout in tjDecompress2 libjpeg-turbo Desktop I4FRSL Undefined-shift in bitset_set augeas Desktop I4FT5J Timeout in fa_from_re augeas Desktop I4FT5U stack overflow in fa_from_re augeas Desktop I4FT61 stack overflow in re_case_expand augeas Desktop I4FT67 memleaks in ref_make_ref augeas Desktop I4FT6B SEGV in re_case_expand augeas Desktop I4FT6F stack overflow in parse_concat_exp augeas Desktop I4FT7B stack overflow in calc_eclosure_iter augeas Desktop I4FT8E stack overflow in peek_token augeas Desktop I4FT8P stack overflow in parse_path_expr augeas Desktop I4FT97 Out of memory in ns_from_locpath augeas Desktop I4FT9A SEGV in eval_expr augeas Desktop I4FT9C SEGV in tree_prev augeas Desktop I4FT9G stack overflow in check_expr augeas Desktop I4FT9I stack overflow in free_expr augeas Desktop I4G4A5 Undefine-shift in _bfd_safe_read_leb128 binutils Compiler I4G4B1 Integer overflow in print_vms_time binutils Compiler I4G4VY memleak in parse_gnu_debugaltlink binutils Compiler I4G4WF Heap-buffer-overflow in slurp_hppa_unwind_table binutils Compiler I4G4WW Use-after-free in make_qualified_name binutils Compiler I4G4X6 memleak in byte_get_little_endian binutils Compiler I4G4XF memleak in process_mips_specific binutils Compiler I4G4Y0 out-of-memory in vms_lib_read_index binutils Compiler I4G4YJ Heap-buffer-overflow in bfd_getl16 binutils Compiler I4G4YV Floating point exception in _bfd_vms_slurp_etir binutils Compiler I4G5TL stack-buffer-overflow in redisvFormatCommand hiredis Base-service I4G5U2 AddressSanitizer CHECK failed in sdscatvprintf hiredis Base-service I4G5UN SEGV in redisvFormatCommand hiredis Base-service I4G5WG AddressSanitizer CHECK failed in sdscatlen hiredis Base-service I4G5XO Attempting free wild-addr in hi_free hiredis Base-service I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后，getdap4命令的-i和-k参数使用异常 libdap sig-recycle I4JMG4 【20.03 SP1】【arm/x86】robotframework包的三个命令：libdoc、rebot、robot执行--help/-h/-?/--version，查看帮助信息和版本信息，返回值为251 python-robotframework sig-ROS I4K6ES stack-buffer-overflow in UINT32_Marshal libtpms sig-security-facility I4K6FU global-buffer-overflow in Array_Marshal libtpms sig-security-facility I4K6R7 memleak in wrap_nettle_mpi_init gnutls sig-security-facility I4K6UI Timeout in _asn1_find_up gnutls sig-security-facility I4KT2A integer overflow in luaV_execute lua Base-service I4KT3D integer overflow in intarith lua Base-service I4KT3Q Division by zero in luaV_execute lua Base-service I4KT40 Timeout in luaV_finishget lua Base-service I4M3KE [20.03-lts-sp1]卸载abrt-addon-ccpp报错：Failed to disable unit: Unit file abrt-ccpp.service does not exist. abrt Application I4NNTR [SP1][x86/arm]执行isula pull busybox,报错"fetch and parse manifest failed" iSulad iSulad I4NO1Z 【SP1-arm/x86】openhpi升级有报错信息 openhpi System-tool I4O16Z 【SP1_update/arm】安装kernel-4.19.90-2108版本有错误提示信息 kernel Kernel I4QV6N 【openEuler-20.03-LTS-SP1】flink命令执行失败 flink sig-bigdata I5G81X 【20.03 SP1】selinux-policy卸载异常 selinux-policy sig-security-facility I5GT2K 【20.03-SP1】【arm/x86】pcp-system-tools包下的pcp-mpstat命令执行报错 pcp Application I5IG1V 【20.03-SP1】【x86/arm】epol源下的efl、efl-devel软件包安装报错，gpg检查失败 efl sig-compat-winapp I5IG6K 【20.03-SP1】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5JHX2 【20.03 SP1 update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I5JNSL 【20.03 SP1 update 20220727】【arm】htcacheclean.service服务启动之后，日志中提示”Can't open PID file /run/httpd/htcacheclean/pid“ httpd Networking I5O40D 【20.03 SP1】linux-sgx-driver在20.03 SP1分支安装有异常告警 linux-sgx-driver sig-confidential-computing I5Q5D1 【20.03 SP1】ibus在sp1分支安装有异常告警 ibus Desktop openEuler-20.03-LTS-SP3 Update 20220919 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP3修复版本已知问题8个，已知漏洞108个。目前版本分支剩余待修复缺陷18个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I5ROW0?from=project-i… CVE修复：需求类型软件包 CVSS评分 CVE-2022-40674 expat 9.8 CVE-2022-36109 docker 6.3 CVE-2022-3202 kernel 7.1 CVE-2022-27664 golang 7.5 CVE-2022-2520 libtiff 6.5 CVE-2022-1292 linux-sgx 9.8 CVE-2022-0778 shim 7.5 CVE-2022-0322 kernel 5.5 CVE-2021-3894 kernel 5.5 CVE-2021-3712 shim 7.4 CVE-2021-33503 python-pip 7.5 CVE-2021-23840 shim 7.5 CVE-2020-1971 shim 5.9 CVE-2020-15025 ntp 4.9 CVE-2020-14422 python-pip 5.9 CVE-2018-0732 shim 7.5 CVE-2017-3735 shim 5.3 CVE-2022-40320 libconfuse 8.8 CVE-2021-45105 log4j 7.5 CVE-2021-45046 log4j 3.7 CVE-2021-44832 log4j 6.6 CVE-2021-44227 mailman 8.8 CVE-2021-43813 grafana 4.3 CVE-2021-43809 rubygem-bundler 7.3 CVE-2021-43797 netty 6.5 CVE-2021-43332 mailman 6.5 CVE-2021-43331 mailman 6.1 CVE-2021-42717 mod_security 7.5 CVE-2021-42550 logback 6.6 CVE-2021-4048 lapack 5.9 CVE-2021-39226 grafana 7.3 CVE-2021-37623 exiv2 5.5 CVE-2021-37622 exiv2 5.5 CVE-2021-37621 exiv2 5.5 CVE-2021-37620 exiv2 5.5 CVE-2021-37618 exiv2 5.5 CVE-2021-37616 exiv2 5.5 CVE-2021-37615 exiv2 5.5 CVE-2021-35648 mysql 4.9 CVE-2021-35647 mysql 4.9 CVE-2021-35646 mysql 4.9 CVE-2021-35645 mysql 4.9 CVE-2021-35644 mysql 4.9 CVE-2021-35643 mysql 4.9 CVE-2021-35642 mysql 4.9 CVE-2021-35641 mysql 4.9 CVE-2021-35640 mysql 2.7 CVE-2021-35639 mysql 4.9 CVE-2021-35638 mysql 4.9 CVE-2021-35637 mysql 4.9 CVE-2021-35636 mysql 4.9 CVE-2021-35635 mysql 4.9 CVE-2021-35634 mysql 4.9 CVE-2021-35633 mysql 2.7 CVE-2021-35632 mysql 4.4 CVE-2021-35631 mysql 4.9 CVE-2021-35630 mysql 4.9 CVE-2021-35628 mysql 4.9 CVE-2021-35627 mysql 4.9 CVE-2021-35626 mysql 4.9 CVE-2021-35625 mysql 2.7 CVE-2021-35624 mysql 4.9 CVE-2021-35623 mysql 2.7 CVE-2021-35622 mysql 4.9 CVE-2021-35621 mysql 6.3 CVE-2021-35618 mysql 1.8 CVE-2021-35612 mysql 5.5 CVE-2021-35610 mysql 7.1 CVE-2021-35608 mysql 5.3 CVE-2021-35607 mysql 6.5 CVE-2021-35604 mysql 5.5 CVE-2021-35602 mysql 5 CVE-2021-35597 mysql 6.5 CVE-2021-35596 mysql 4.9 CVE-2021-35591 mysql 4.9 CVE-2021-35577 mysql 4.9 CVE-2021-35575 mysql 4.9 CVE-2021-35546 mysql 4.9 CVE-2021-34335 exiv2 5.5 CVE-2021-34334 exiv2 5.5 CVE-2021-32815 exiv2 5.5 CVE-2021-31292 exiv2 7.5 CVE-2021-2481 mysql 6.5 CVE-2021-2479 mysql 4.9 CVE-2021-2478 mysql 4.9 CVE-2021-2471 mysql 5.9 CVE-2019-13504 exiv2 6.5 CVE-2019-13108 exiv2 6.5 CVE-2021-4011 xorg-x11-server 7.8 CVE-2021-4010 xorg-x11-server 7.8 CVE-2021-4009 xorg-x11-server 7.8 CVE-2021-4008 xorg-x11-server 7.8 CVE-2022-2735 pcs 7.8 CVE-2021-41099 redis5 7.5 CVE-2021-41099 redis6 7.5 CVE-2021-39358 gfbgraph 5.9 CVE-2021-32762 redis5 8.8 CVE-2021-32762 redis6 8.8 CVE-2021-32687 redis5 7.5 CVE-2021-32687 redis6 7.5 CVE-2021-32675 redis5 7.5 CVE-2021-32675 redis6 7.5 CVE-2021-32628 redis5 7.5 CVE-2021-32628 redis6 7.5 CVE-2021-32627 redis5 7.5 CVE-2021-32627 redis6 7.5 CVE-2021-32626 redis5 8.8 CVE-2020-36403 htslib 8.8 Bugfix： issue 仓库 #I5RPNP:spec文件里recommend了help文件，事实上不需要该依赖<https://gitee.com/open_euler/dashboard?issue_id=I5RPNP> python3 #I5RPRZ:spec文件里recommend了help文件，事实上不需要该依赖<https://gitee.com/open_euler/dashboard?issue_id=I5RPRZ> libxml2 #I5QU41:安全扫描出postfix的许多文件需要对rpath进行处理<https://gitee.com/open_euler/dashboard?issue_id=I5QU41> postfix #I5NUO6:注意spec中changelog撰写规范<https://gitee.com/open_euler/dashboard?issue_id=I5NUO6> libproxy #I5RV05:spec文件里recommend了help文件，事实上不需要该依赖<https://gitee.com/open_euler/dashboard?issue_id=I5RV05> libseccomp #I5O7IX:【openEuler-20.03-LTS-SP3 】[arm/x86]traffic_layout remove core dump<https://gitee.com/open_euler/dashboard?issue_id=I5O7IX> trafficserver #I5QPA1:【openEuler-20.03-LTS-sp3】【arm/x86】passenger 软件包命令行执行报错<https://gitee.com/open_euler/dashboard?issue_id=I5QPA1> passenger #I5SEBM:update oec hardware version to 1.1.2-4<https://gitee.com/open_euler/dashboard?issue_id=I5SEBM> oec-hardware openEuler-20.03-LTS-SP3版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol openEuler-20.03-LTS-SP3 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败 flink sig-bigdata I4RVHE losetup : 当loop设备编号超过7位时，losetup命令无法操作该设备 util-linux Base-service I4UMEV [openEuler 20.03-LTS SP3]openEuler开启crash_kexec_post_notifiers后，panic通知链无法完全遍历 kernel Kernel I5IGAS 【20.03-SP3】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5IGOR 【20.03-SP3】【x86/arm】epol源下的fluidsynth、fluidsynth-devel、fluidsynth-help软件包安装报错，gpg检查失败 fluidsynth Application I5JBJ9 【20.03 SP3_EPOL_update20220727】ovirt-engine-backend包卸载过程的告警信息需要优化 ovirt-engine oVirt I5JLNF 【20.03 SP3 update 20220727】【arm/x86】ovirt-websocket-proxy.service服务启动失败 ovirt-engine oVirt I5JLRQ 【20.03 SP3 update 20220727】【arm/x86】ovirt-engine-notifier.service服务启动失败 ovirt-engine oVirt I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败，导致mom-vdsm.service服务无法启动成功 vdsm oVirt I5LYJK 【20.03-sp3_update20220801】【x86】对内核版进行升级后，TCP_option_address安装异常 TCP_option_address Kernel I5NU6W [20.03-LTS-SP3]dnf无法安装libtirpc-devel dnf sig-OS-Builder I5PHJA [20.03-LTS-SP3]spec文件存在软件包编译依赖自身，且打包包含系统环境文件 hunspell Desktop I5PT12 [20.03-LTS-SP3]spec文件存在软件包编译依赖自身，且打包包含系统环境文件 ima-evm-utils Base-service I5PUIA [20.03-LTS-SP3]spec文件存在软件包编译依赖自身，且打包包含系统环境文件 qrencode Desktop I5RHBG 【20.03_SP3】【arm/x86】iSulad降级时依赖包未同步降级，导致依赖包版本不匹配出现报错 iSulad iSulad I5SCLC 【20.03 SP3】selinux-policy卸载异常 selinux-policy sig-security-facility I5SS97 【openEuler-20.03-SP3】[arm/x86]trafficserver指定配置文件进行查看/扫描失败 trafficserver Networking openEuler-22.03-LTS Update 20220919 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题8个，已知漏洞18个。目前版本分支剩余待修复缺陷11个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I5ROW1?from=project-i… CVE修复： CVE 仓库 CVSS评分 CVE-2017-3735 shim 5.3 CVE-2018-0732 shim 7.5 CVE-2020-1971 shim 5.9 CVE-2021-23840 shim 7.5 CVE-2021-3712 shim 7.4 CVE-2022-0778 shim 7.5 CVE-2022-29901 linux-sgx 9.8 CVE-2022-2520 libtiff 6.5 CVE-2022-26373 kernel 5.5 CVE-2022-2905 kernel 5.5 CVE-2022-2991 kernel 6.7 CVE-2022-3078 kernel 5.5 CVE-2022-40307 kernel 4.7 CVE-2022-27664 golang 7.5 CVE-2022-40674 expat 9.8 CVE-2022-36109 docker 6.3 CVE-2022-40320 libconfuse 8.8 CVE-2022-2735 pcs 7.8 Bugfix： issue 仓库 #I5RQKG:lws_service() triggered assert<https://gitee.com/open_euler/dashboard?issue_id=I5RQKG> libwebsockets #I5P7EI:【openEuler-22.09-RC3】【arm/x86】lxc 软件包 "-?" 参数执行返回"invalid option"<https://gitee.com/open_euler/dashboard?issue_id=I5P7EI> lxc #I5RQPC:删除daemon json中无用的字段<https://gitee.com/open_euler/dashboard?issue_id=I5RQPC> lcr #I5PEOK:【22.03_LTS_update0831】【arm/x86】iSulad包升级、降级过程存在错误信息<https://gitee.com/open_euler/dashboard?issue_id=I5PEOK> iSulad #I5QJZI:【openEuler-22.03-LTS】【arm/x86】passenger 软件包命令行执行报错<https://gitee.com/open_euler/dashboard?issue_id=I5QJZI> passenger #I5SEBM:update oec hardware version to 1.1.2-4<https://gitee.com/open_euler/dashboard?issue_id=I5SEBM> oec-hardware #I5DC4A:【OLK-5.10】内存扩展特性中添加指定内存页面换出、swapcache回收等功能<https://gitee.com/open_euler/dashboard?issue_id=I5DC4A> kernel #I5RUMQ:upgrade to jdk11.0.17-06<https://gitee.com/open_euler/dashboard?issue_id=I5RUMQ> openjdk-11 openEuler-22.03-LTS版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS Update版本待修复问题清单公示：任务标题关联仓库 SIG firefox浏览器无法播放音频和视频 firefox Application 【openEuler 22.03-LTS】5.10内核执行ltp用例出现softlockup问题 kernel Kernel 【openEuler22.03】【arm】ltp执行proc01用例失败 kernel Kernel 升级iinstall-scripts包会导致系统启动异常 install-scripts sig-OS-Builder 【22.03 LTS update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt 【22.03_update20220727】【x86/arm】ovirt-engine源码包本地自编译失败，缺少编译依赖ovirt-jboss-modules-maven-plugin ovirt-engine oVirt libbluray build problem in openEuler:22.03:LTS libbluray Desktop libxshmfence build problem in openEuler:22.03:LTS libxshmfence Desktop yaffs2 build problem in openEuler:22.03:LTS yaffs2 sig-embedded [22.03-LTS]x86虚拟机卸载qxl模块，机器自动重启 kernel Kernel 【22.09 RC4】【arm/x86】package.ini中的redis_host配置为不存在的ip，重启pkgship服务失败，服务一直在尝试重启 pkgship sig-EasyLife 社区待修复漏洞： openEuler社区根据漏洞严重等级采取差异化的修复策略，请各个SIG 关注涉及CVE组件的修复情况。严重等级（Severity Rating）漏洞修复时长致命（Critical） 7天高（High） 14天中（Medium） 30天低（Low） 30天可参考社区安全委员会漏洞：https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE… 近14天将超期CVE: 漏洞编号 Issue ID 剩余天数 CVSS评分软件包责任SIG CVE-2022-2991 I5O6AA 0.37 6.7 risc-v-kernel sig-RISC-V CVE-2021-43767 I5O6QO 0.6 5.9 postgresql DB CVE-2022-38533 I5OCPG 1.15 5.5 mingw-binutils sig-compat-winapp CVE-2022-38533 I5OCPF 1.15 5.5 binutils Compiler CVE-2022-3170 I5QMYH 1.26 7.8 risc-v-kernel sig-RISC-V CVE-2022-2905 I5OCW4 1.42 5.5 risc-v-kernel sig-RISC-V CVE-2022-2840 I5RWZL 2.16 9.8 zephyr 　 CVE-2022-39955 I5S5XG 3.2 9.8 mod_security_crs Base-service CVE-2022-39956 I5S5YT 3.22 9.8 mod_security_crs Base-service CVE-2022-3202 I5QWJO 3.28 7.1 risc-v-kernel sig-RISC-V CVE-2022-36033 I5OPAV 4.29 　 jsoup sig-Java CVE-2022-34169 I5HV9H 4.37 7.5 openjdk-1.8.0 Compiler CVE-2020-35536 I5OS1X 4.74 5.5 mingw-gcc sig-compat-winapp CVE-2020-35536 I5OV75 4.95 5.5 gcc Compiler CVE-2022-3061 I5OVRO 5.01 5.5 risc-v-kernel sig-RISC-V CVE-2022-38126 I5OWHY 5.3 5.5 mingw-binutils sig-compat-winapp CVE-2022-38126 I5OWHX 5.3 5.5 binutils Compiler CVE-2022-38128 I5OWIK 5.38 5.5 mingw-binutils sig-compat-winapp CVE-2022-38128 I5OWIJ 5.38 5.5 binutils Compiler CVE-2022-38127 I5OWII 5.38 5.5 mingw-binutils sig-compat-winapp CVE-2022-38127 I5OWIH 5.38 5.5 binutils Compiler CVE-2022-28321 I5SND3 5.39 9.8 pam sig-security-facility CVE-2022-1976 I5RGF6 5.83 7.8 risc-v-kernel sig-RISC-V CVE-2022-40150 I5RJ5B 6 7.5 jettison dev-utils CVE-2022-40149 I5RJ57 6 7.5 jettison dev-utils CVE-2022-3176 I5RJNX 6.16 7.8 risc-v-kernel sig-RISC-V CVE-2022-3176 I5RJNS 6.16 7.8 kernel Kernel CVE-2022-32087 I5RJTQ 6.22 7.5 mariadb DB CVE-2022-32091 I5RJTP 6.22 7.5 mariadb DB CVE-2022-32085 I5RJTO 6.22 7.5 mariadb DB CVE-2022-32084 I5RJTN 6.22 7.5 mariadb DB CVE-2022-32088 I5RJTM 6.22 7.5 mariadb DB CVE-2022-32083 I5RJTF 6.22 7.5 mariadb DB CVE-2022-35940 I5RJXA 6.41 7.5 tensorflow sig-ai CVE-2022-35935 I5RJX4 6.41 7.5 tensorflow sig-ai CVE-2022-35952 I5RJX0 6.41 7.5 tensorflow sig-ai CVE-2022-35963 I5RJWZ 6.41 7.5 tensorflow sig-ai CVE-2022-1841 I5P3I2 6.41 5.3 zephyr 　 CVE-2022-35986 I5RJYX 6.54 7.5 tensorflow sig-ai CVE-2022-35985 I5RJYN 6.54 7.5 tensorflow sig-ai CVE-2022-35994 I5RJYJ 6.54 7.5 tensorflow sig-ai CVE-2022-35983 I5RJYE 6.54 7.5 tensorflow sig-ai CVE-2022-35970 I5RJYB 6.54 7.5 tensorflow sig-ai CVE-2022-35971 I5RJY8 6.54 7.5 tensorflow sig-ai CVE-2022-35989 I5RJY2 6.54 7.5 tensorflow sig-ai CVE-2022-35991 I5RJXY 6.54 7.5 tensorflow sig-ai CVE-2022-35984 I5RJXX 6.54 7.5 tensorflow sig-ai CVE-2022-35965 I5RJXV 6.54 7.5 tensorflow sig-ai CVE-2022-36014 I5RKJ5 6.63 7.5 tensorflow sig-ai CVE-2022-36000 I5RKIO 6.63 7.5 tensorflow sig-ai CVE-2022-36002 I5RKI5 6.63 7.5 tensorflow sig-ai CVE-2022-36018 I5RKHT 6.63 7.5 tensorflow sig-ai CVE-2022-36003 I5RKHE 6.63 7.5 tensorflow sig-ai CVE-2022-36026 I5RKGS 6.63 7.5 tensorflow sig-ai CVE-2022-36017 I5RKGF 6.63 7.5 tensorflow sig-ai CVE-2022-36013 I5RKG9 6.63 7.5 tensorflow sig-ai CVE-2022-36005 I5RKFV 6.63 7.5 tensorflow sig-ai CVE-2022-36019 I5RKFQ 6.63 7.5 tensorflow sig-ai CVE-2022-36011 I5RKFB 6.63 7.5 tensorflow sig-ai CVE-2022-36027 I5RKF9 6.63 7.5 tensorflow sig-ai CVE-2022-36001 I5RKF2 6.63 7.5 tensorflow sig-ai CVE-2022-36016 I5RKES 6.63 7.5 tensorflow sig-ai CVE-2022-36015 I5RKEN 6.63 7.5 tensorflow sig-ai CVE-2022-35990 I5RKNH 6.64 7.5 tensorflow sig-ai CVE-2022-35998 I5RKN6 6.64 7.5 tensorflow sig-ai CVE-2022-35979 I5RKMX 6.64 7.5 tensorflow sig-ai CVE-2022-35967 I5RKMV 6.64 7.5 tensorflow sig-ai CVE-2022-35941 I5RKMP 6.64 7.5 tensorflow sig-ai CVE-2022-35959 I5RKMG 6.64 7.5 tensorflow sig-ai CVE-2022-35964 I5RKME 6.64 7.5 tensorflow sig-ai CVE-2022-35934 I5RKM5 6.64 7.5 tensorflow sig-ai CVE-2022-35966 I5RKM0 6.64 7.5 tensorflow sig-ai CVE-2022-35992 I5RKLN 6.64 7.5 tensorflow sig-ai CVE-2022-35988 I5RKLI 6.64 7.5 tensorflow sig-ai CVE-2022-35973 I5RKL2 6.64 7.5 tensorflow sig-ai CVE-2022-35999 I5RKKW 6.64 7.5 tensorflow sig-ai CVE-2022-35993 I5RKKT 6.64 7.5 tensorflow sig-ai CVE-2022-35972 I5RKKF 6.64 7.5 tensorflow sig-ai CVE-2022-36012 I5RKJX 6.64 7.5 tensorflow sig-ai CVE-2022-36004 I5RKJF 6.64 7.5 tensorflow sig-ai CVE-2022-35968 I5RKQP 6.65 7.5 tensorflow sig-ai CVE-2022-35960 I5RKQJ 6.65 7.5 tensorflow sig-ai CVE-2022-35995 I5RKPU 6.65 7.5 tensorflow sig-ai CVE-2022-35996 I5RKPE 6.65 7.5 tensorflow sig-ai CVE-2022-35981 I5RKP6 6.65 7.5 tensorflow sig-ai CVE-2022-35974 I5RKO5 6.65 7.5 tensorflow sig-ai CVE-2022-35969 I5RKO1 6.65 7.5 tensorflow sig-ai CVE-2022-35982 I5RKNU 6.65 7.5 tensorflow sig-ai CVE-2022-35987 I5RKNR 6.65 7.5 tensorflow sig-ai CVE-2022-35997 I5RKNK 6.65 7.5 tensorflow sig-ai CVE-2021-3714 I5RLWB 6.84 7.5 kernel Kernel CVE-2022-30550 I5RM9Q 6.91 8.8 dovecot Application CVE-2022-3077 I5PAV0 7.15 5.5 risc-v-kernel sig-RISC-V CVE-2020-27784 I5PB1F 7.36 5.5 risc-v-kernel sig-RISC-V CVE-2022-39190 I5PEDX 7.81 5.5 risc-v-kernel sig-RISC-V CVE-2022-39188 I5PEA3 7.81 4.7 risc-v-kernel sig-RISC-V CVE-2022-39188 I5PE9S 7.81 4.7 kernel Kernel CVE-2022-2226 I5PJ3N 8.64 　 thunderbird sig-desktop-apps CVE-2022-1798 I5PJ3L 8.64 6.5 kubevirt sig-CloudNative CVE-2021-25215 I5RQRE 8.65 7.5 dhcp Networking CVE-2022-36059 I5PJ90 8.67 　 thunderbird sig-desktop-apps CVE-2022-3034 I5PJ8X 8.67 　 thunderbird sig-desktop-apps CVE-2022-3033 I5PJ8V 8.67 　 thunderbird sig-desktop-apps CVE-2022-3032 I5PJ8P 8.67 　 thunderbird sig-desktop-apps CVE-2021-25220 I5RRPB 8.7 8.6 dhcp Networking CVE-2022-40023 I5RTRP 8.85 7.5 python-mako Base-service CVE-2022-32912 I5RX0A 9.17 8.8 webkit2gtk3 Desktop CVE-2022-32886 I5RX09 9.17 8.8 webkit2gtk3 Desktop CVE-2022-3239 I5RX5Z 9.28 7.8 risc-v-kernel sig-RISC-V CVE-2022-3239 I5RX5X 9.28 7.8 kernel Kernel CVE-2022-34917 I5RZUH 9.68 7.5 kafka sig-bigdata CVE-2022-39958 I5S5Y1 10.21 7.5 mod_security_crs Base-service CVE-2022-39957 I5S5ZB 10.22 7.5 mod_security_crs Base-service CVE-2018-3615 I5PRU5 10.9 　 microcode_ctl System-tool CVE-2022-2795 I5SEM1 11.16 7.5 bind Networking CVE-2022-38178 I5SELZ 11.16 7.5 bind Networking CVE-2022-38177 I5SELX 11.16 7.5 bind Networking CVE-2022-3080 I5SELJ 11.16 7.5 bind Networking CVE-2022-2906 I5SGK9 11.64 7.5 bind Networking CVE-2022-2881 I5SGJ9 11.64 8.2 bind Networking CVE-2022-38928 I5SMOS 12.04 7.8 poppler Desktop CVE-2022-3256 I5SN6M 12.16 7.8 vim Base-service CVE-2022-1292 I5QBRK 13.81 6.7 linux-sgx sig-confidential-computing CVE-2022-40307 I5QI0Z 14.79 4.7 risc-v-kernel sig-RISC-V CVE-2022-40307 I5QI0W 14.79 4.7 kernel Kernel openEuler 社区指导文档及开放平台链接： openEuler 版本分支维护规范： https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%… openEuler release-management 版本分支PR指导： https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%… 社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/839f952696f271f83c018ccf3218cf493b92d65… 社区QA 测试平台 radiates https://radiatest.openeuler.org<https://radiatest.openeuler.org/> 车明道（openEuler release SIG） Mobile: +86 15345431107 中国(China)-杭州(Hangzhou)-滨江区江淑路360号华为杭州研发中心 HUAWEI , Jiangshu Road., Binjiang District, Hangzhou, P.R.China E-mail: chemingdao(a)huawei.com<mailto:chemingdao@huawei.com> [cid:image003.png@01D8D038.61EF7A60]Open Source OS for Digital Infrastructure 本邮件及其附件含有华为公司的保密信息，仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形式使用（包括但不限于全部或部分地泄露、复制、或散发）本邮件中的信息。如果您错收了本邮件，请您立即电话或邮件通知发件人并删除本邮件！ This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it

1 0

openEuler update_20220912 版本发布公告
by chemingdao 17 Sep '22

17 Sep '22

Dear all，经社区Release SIG、QA SIG及 CICD SIG 评估，openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3及openEuler-22.03-LTS update版本满足版本出口质量，现进行发布公示。本公示分为五部分： 1、openEuler-20.03-LTS-SP1 Update 20220912 发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20220912 发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20220912 发布情况及待修复缺陷 4、openEuler 关键组件待修复CVE 清单 5、openEuler 社区指导文档及开放平台链接本次update版本发布后，下一个版本里程碑点（预计在2022/09/23）提供 update_20220919版本。 openEuler-20.03-LTS-SP1 Update 20220912 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP1修复版本已知问题7个，已知漏洞24个。目前版本分支剩余待修复缺陷75个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I5QMYB?from=project-i… CVE修复： CVE 仓库 CVSS 评分 CVE-2022-39177 bluez 6.8 CVE-2022-39176 bluez 8.8 CVE-2021-42523 colord 7.5 CVE-2022-2132 dpdk 8.6 CVE-2022-25310 fribidi 5.5 CVE-2022-25309 fribidi 5.5 CVE-2022-25308 fribidi 7.8 CVE-2022-39189 kernel 7.8 CVE-2022-3061 kernel 6.2 CVE-2022-2991 kernel 1 CVE-2022-2663 kernel 5.9 CVE-2020-27784 kernel 5.1 CVE-2020-35538 libjpeg-turbo 5.5 CVE-2022-2953 libtiff 5.5 CVE-2022-2521 libtiff 6.5 CVE-2022-2519 libtiff 6.5 CVE-2020-10735 python3 7.5 CVE-2021-33503 python-pip 7.5 CVE-2020-14394 qemu 3.2 CVE-2022-3153 vim 5.5 CVE-2022-3134 vim 7.8 CVE-2022-3099 vim 7.8 CVE-2021-3782 wayland 6.6 CVE-2022-24795 yajl 7.5 Bugfix： issue 仓库 #I5NUO9:注意spec中changelog撰写规范<https://gitee.com/open_euler/dashboard?issue_id=I5NUO9> lorax #I5NUO7:注意spec中changelog撰写规范<https://gitee.com/open_euler/dashboard?issue_id=I5NUO7> libserf #I5NUO6:注意spec中changelog撰写规范<https://gitee.com/open_euler/dashboard?issue_id=I5NUO6> libproxy #I5OYON:注意spec中changelog撰写规范<https://gitee.com/open_euler/dashboard?issue_id=I5OYON> libgpg-error #I5QR6C:【openEuler 20.03 LTS SP3】回合社区补丁，解决Windows虚拟机概率性无法启动<https://gitee.com/open_euler/dashboard?issue_id=I5QR6C> kernel #I5LS0U:changelog多个作者，影响编译，建议删除<https://gitee.com/open_euler/dashboard?issue_id=I5LS0U> GeoIP-GeoLite-data #I5GW3V:[合规提升]spec文件的License声明有歧义<https://gitee.com/open_euler/dashboard?issue_id=I5GW3V> anaconda-user-help openEuler-20.03-LTS-SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol openEuler-20.03-LTS-SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I4CJX9 [20.03-LTS-SP1] 389-ds-base包下的部分命令-v参数不显示版本号 three-eight-nine-ds-base Application I4CM78 [20.03-LTS-SP1]389-ds-base和389-ds-base-legacy-tools包的部分命令执行返回No instances found in /etc/sysconfig three-eight-nine-ds-base Application I4CMKY [20.03-LTS-SP1]389-ds-base-legacy-tools包中dn2rdn -v未正常返回版本信息 three-eight-nine-ds-base Application I4M3KE [20.03-lts-sp1]卸载abrt-addon-ccpp报错：Failed to disable unit: Unit file abrt-ccpp.service does not exist. abrt Application I5GT2K 【20.03-SP1】【arm/x86】pcp-system-tools包下的pcp-mpstat命令执行报错 pcp Application I281C1 【fuzz】runtime error: libsass Base-service I4G5TL stack-buffer-overflow in redisvFormatCommand hiredis Base-service I4G5U2 AddressSanitizer CHECK failed in sdscatvprintf hiredis Base-service I4G5UN SEGV in redisvFormatCommand hiredis Base-service I4G5WG AddressSanitizer CHECK failed in sdscatlen hiredis Base-service I4G5XO Attempting free wild-addr in hi_free hiredis Base-service I4KT2A integer overflow in luaV_execute lua Base-service I4KT3D integer overflow in intarith lua Base-service I4KT3Q Division by zero in luaV_execute lua Base-service I4KT40 Timeout in luaV_finishget lua Base-service I5QE7L 【20.03 SP1 update20220907】批量安装 update20220907中的包后reboot失败，打印出libsystemd-shared-243.so相关信息并持续刷屏，无法启动 systemd Base-service I5QPB7 【openEuler-20.03-LTS-SP1】【arm/x86】passenger 软件包命令行执行报错 passenger Base-service I4G4A5 Undefine-shift in _bfd_safe_read_leb128 binutils Compiler I4G4AL Undefine-shift in unw_decode_uleb128 binutils Compiler I4G4B1 Integer overflow in print_vms_time binutils Compiler I4G4VY memleak in parse_gnu_debugaltlink binutils Compiler I4G4WF Heap-buffer-overflow in slurp_hppa_unwind_table binutils Compiler I4G4WW Use-after-free in make_qualified_name binutils Compiler I4G4X6 memleak in byte_get_little_endian binutils Compiler I4G4XF memleak in process_mips_specific binutils Compiler I4G4Y0 out-of-memory in vms_lib_read_index binutils Compiler I4G4YJ Heap-buffer-overflow in bfd_getl16 binutils Compiler I4G4YP Heap-buffer-overflow in _bfd_vms_save_sized_string binutils Compiler I4G4YV Floating point exception in _bfd_vms_slurp_etir binutils Compiler I466R6 Stack overflow in pt::read_json() boost Computing I467MQ Stack overflow in pt::read_xml() boost Computing I467T6 Stack overflow in pt::read_info() boost Computing I4F8YQ integer overflow in start_input_bmp libjpeg-turbo Desktop I4F8ZI heap-buffer-overflow in get_word_rgb_row libjpeg-turbo Desktop I4F903 Unexpect-exit in start_input_tga libjpeg-turbo Desktop I4F913 Timeout in tjDecompress2 libjpeg-turbo Desktop I4FRSL Undefined-shift in bitset_set augeas Desktop I4FT5J Timeout in fa_from_re augeas Desktop I4FT5U stack overflow in fa_from_re augeas Desktop I4FT61 stack overflow in re_case_expand augeas Desktop I4FT67 memleaks in ref_make_ref augeas Desktop I4FT6B SEGV in re_case_expand augeas Desktop I4FT6F stack overflow in parse_concat_exp augeas Desktop I4FT7B stack overflow in calc_eclosure_iter augeas Desktop I4FT8E stack overflow in peek_token augeas Desktop I4FT8P stack overflow in parse_path_expr augeas Desktop I4FT97 Out of memory in ns_from_locpath augeas Desktop I4FT9A SEGV in eval_expr augeas Desktop I4FT9C SEGV in tree_prev augeas Desktop I4FT9G stack overflow in check_expr augeas Desktop I4FT9I stack overflow in free_expr augeas Desktop I5Q5D1 【20.03 SP1】ibus在sp1分支安装有异常告警 ibus Desktop I5IG6K 【20.03-SP1】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I4NNTR [SP1][x86/arm]执行isula pull busybox,报错"fetch and parse manifest failed" iSulad iSulad I4O16Z 【SP1_update/arm】安装kernel-4.19.90-2108版本有错误提示信息 kernel Kernel I5JNSL 【20.03 SP1 update 20220727】【arm】htcacheclean.service服务启动之后，日志中提示”Can't open PID file /run/httpd/htcacheclean/pid“ httpd Networking I437CR [SP1][arm/x86]obs-server包下11个服务启动关闭，出现报错 obs-server Others I43OSX [clamav] 执行clamscan --statistics pcre命令会出现error，但是最终返回码为0 clamav Others I47I56 yum升级出现dkms的错误告警打印 dkms Others I4OLAW 【20.03-LTS-SP1】【arm/x86】gcc_secure脚本中的exclude字段判断它期望排除gcc包，但实际上它依然会影响到gcc的构建 gcc_secure Others I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I5JHX2 【20.03 SP1 update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I490MU Uncaught exception in get_tokens_unprocessed python-pygments Programming-language I4QV6N 【openEuler-20.03-LTS-SP1】flink命令执行失败 flink sig-bigdata I5IG1V 【20.03-SP1】【x86/arm】epol源下的efl、efl-devel软件包安装报错，gpg检查失败 efl sig-compat-winapp I5O40D 【20.03 SP1】linux-sgx-driver在20.03 SP1分支安装有异常告警 linux-sgx-driver sig-confidential-computing I4JMG4 【20.03 SP1】【arm/x86】robotframework包的三个命令：libdoc、rebot、robot执行--help/-h/-?/--version，查看帮助信息和版本信息，返回值为251 python-robotframework sig-ROS I44RHB large loop in OBJ_obj2txt openssl sig-security-facility I44RIX large loop in bn_lshift_fixed_top openssl sig-security-facility I4K6ES stack-buffer-overflow in UINT32_Marshal libtpms sig-security-facility I4K6FU global-buffer-overflow in Array_Marshal libtpms sig-security-facility I4K6R7 memleak in wrap_nettle_mpi_init gnutls sig-security-facility I4K6UI Timeout in _asn1_find_up gnutls sig-security-facility I5G81X 【20.03 SP1】selinux-policy卸载异常 selinux-policy sig-security-facility I4NO1Z 【SP1-arm/x86】openhpi升级有报错信息 openhpi System-tool openEuler-20.03-LTS-SP3 Update 20220912 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP3修复版本已知问题11个，已知漏洞24个。目前版本分支剩余待修复缺陷18个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I5QMYC?from=project-i… CVE修复：需求类型软件包 CVSS 评分 CVE-2022-39177 bluez 6.8 CVE-2022-39176 bluez 8.8 CVE-2021-42523 colord 7.5 CVE-2022-2132 dpdk 8.6 CVE-2022-25310 fribidi 5.5 CVE-2022-25309 fribidi 5.5 CVE-2022-25308 fribidi 7.8 CVE-2022-39189 kernel 7.8 CVE-2022-3061 kernel 6.2 CVE-2022-2991 kernel 1 CVE-2022-2663 kernel 5.9 CVE-2020-27784 kernel 5.1 CVE-2020-35538 libjpeg-turbo 5.5 CVE-2022-2953 libtiff 5.5 CVE-2022-2521 libtiff 6.5 CVE-2022-2519 libtiff 6.5 CVE-2020-10735 python3 7.5 CVE-2021-33503 python-pip 7.5 CVE-2020-14394 qemu 3.2 CVE-2022-3153 vim 5.5 CVE-2022-3134 vim 7.8 CVE-2022-3099 vim 7.8 CVE-2021-3782 wayland 6.6 CVE-2022-24795 yajl 7.5 Bugfix： issue 仓库 #I5NUO9:注意spec中changelog撰写规范<https://gitee.com/open_euler/dashboard?issue_id=I5NUO9> lorax #I5R56Z:【软件升级】openEuler-20.03-LTS-SP3 版本libwebsockets软件升级至4.3.0<https://gitee.com/open_euler/dashboard?issue_id=I5R56Z> libwebsockets #I5NUO7:注意spec中changelog撰写规范<https://gitee.com/open_euler/dashboard?issue_id=I5NUO7> libserf #I5OYON:注意spec中changelog撰写规范<https://gitee.com/open_euler/dashboard?issue_id=I5OYON> libgpg-error #I5R58W:同步上游openeuler lcr修改代码<https://gitee.com/open_euler/dashboard?issue_id=I5R58W> lcr #I5QR6C:【openEuler 20.03 LTS SP3】回合社区补丁，解决Windows虚拟机概率性无法启动<https://gitee.com/open_euler/dashboard?issue_id=I5QR6C> kernel #I5R5AS:isulad同步上游openeuler stable代码<https://gitee.com/open_euler/dashboard?issue_id=I5R5AS> iSulad #I5LFLY:Isula在容器环境中Home环境变量值异常<https://gitee.com/open_euler/dashboard?issue_id=I5LFLY> iSulad #I5LS0U:changelog多个作者，影响编译，建议删除<https://gitee.com/open_euler/dashboard?issue_id=I5LS0U> GeoIP-GeoLite-data #I5R5A0:clibcni版本升级至2.0.7<https://gitee.com/open_euler/dashboard?issue_id=I5R5A0> clibcni #I5GW3V:[合规提升]spec文件的License声明有歧义<https://gitee.com/open_euler/dashboard?issue_id=I5GW3V> anaconda-user-help openEuler-20.03-LTS-SP3版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol openEuler-20.03-LTS-SP3 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I4OLHP 【20.03-LTS-SP3】【arm/x86】gcc_secure脚本中的exclude字段判断它期望排除gcc包，但实际上它依然会影响到gcc的构建 gcc_secure Others I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败 flink sig-bigdata I4RVHE losetup : 当loop设备编号超过7位时，losetup命令无法操作该设备 util-linux Base-service I4UMEV [openEuler 20.03-LTS SP3]openEuler开启crash_kexec_post_notifiers后，panic通知链无法完全遍历 kernel Kernel I5IGAS 【20.03-SP3】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5IGOR 【20.03-SP3】【x86/arm】epol源下的fluidsynth、fluidsynth-devel、fluidsynth-help软件包安装报错，gpg检查失败 fluidsynth Application I5JBJ9 【20.03 SP3_EPOL_update20220727】ovirt-engine-backend包卸载过程的告警信息需要优化 ovirt-engine oVirt I5JLNF 【20.03 SP3 update 20220727】【arm/x86】ovirt-websocket-proxy.service服务启动失败 ovirt-engine oVirt I5JLRQ 【20.03 SP3 update 20220727】【arm/x86】ovirt-engine-notifier.service服务启动失败 ovirt-engine oVirt I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败，导致mom-vdsm.service服务无法启动成功 vdsm oVirt I5LYJK 【20.03-sp3_update20220801】【x86】对内核版进行升级后，TCP_option_address安装异常 TCP_option_address Kernel I5NU6W [20.03-LTS-SP3]dnf无法安装libtirpc-devel dnf sig-OS-Builder I5PH70 [20.03-LTS-SP3]spec文件存在软件包编译依赖自身，且打包包含系统环境文件 brltty Desktop I5PHJA [20.03-LTS-SP3]spec文件存在软件包编译依赖自身，且打包包含系统环境文件 hunspell Desktop I5PT12 [20.03-LTS-SP3]spec文件存在软件包编译依赖自身，且打包包含系统环境文件 ima-evm-utils Base-service I5PUIA [20.03-LTS-SP3]spec文件存在软件包编译依赖自身，且打包包含系统环境文件 qrencode Desktop I5QPA1 【openEuler-20.03-LTS-sp3】【arm/x86】passenger 软件包命令行执行报错 passenger Base-service openEuler-22.03-LTS Update 20220912 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题10个，已知漏洞26个。目前版本分支剩余待修复缺陷16个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I5QMYD?from=project-i… CVE修复： CVE 仓库 score CVE-2022-39176 bluez 8.8 CVE-2022-39177 bluez 6.8 CVE-2021-42523 colord 7.5 CVE-2022-2132 dpdk 8.6 CVE-2022-25308 fribidi 7.8 CVE-2022-25309 fribidi 5.5 CVE-2022-25310 fribidi 5.5 CVE-2022-2663 kernel 5.9 CVE-2022-3061 kernel 6.2 CVE-2022-39189 kernel 7.8 CVE-2022-39190 kernel 5.5 CVE-2022-39842 kernel 6.7 CVE-2022-2519 libtiff 6.5 CVE-2022-2521 libtiff 6.5 CVE-2022-2953 libtiff 5.5 CVE-2020-10735 python3 7.5 CVE-2021-33503 python-pip 7.5 CVE-2021-33503 python-pip 7.5 CVE-2020-14394 qemu 3.2 CVE-2022-3099 vim 7.8 CVE-2022-3134 vim 7.8 CVE-2022-3134 vim 7.8 CVE-2022-3153 vim 5.5 CVE-2022-3153 vim 5.5 CVE-2021-3782 wayland 6.6 CVE-2022-24795 yajl 7.5 Bugfix： issue 仓库 #I5GW3V:[合规提升]spec文件的License声明有歧义<https://gitee.com/open_euler/dashboard?issue_id=I5GW3V> anaconda-user-help #I5BFKM:[openEuler-22.03-LTS]ARM环境，bpftrace安装后执行coredump<https://gitee.com/open_euler/dashboard?issue_id=I5BFKM> bpftrace #I5LS0U:changelog多个作者，影响编译，建议删除<https://gitee.com/open_euler/dashboard?issue_id=I5LS0U> GeoIP-GeoLite-data #I5OYON:注意spec中changelog撰写规范<https://gitee.com/open_euler/dashboard?issue_id=I5OYON> libgpg-error #I5NUO6:注意spec中changelog撰写规范<https://gitee.com/open_euler/dashboard?issue_id=I5NUO6> libproxy #I5NUO7:注意spec中changelog撰写规范<https://gitee.com/open_euler/dashboard?issue_id=I5NUO7> libserf #I5R043:修改sqlite.spec文件，将autoconf移入%build步骤<https://gitee.com/open_euler/dashboard?issue_id=I5R043> sqlite #I5OT3G:回合上游补丁,对于非致命信号添加SA_RESTART，避免损坏pcap二进制字节流输出 (sync from https://gitee.com/src-openeuler/tcpdump/pulls/19)<https://gitee.com/open_euler/dashboard?issue_id=I5OT3G> tcpdump #I5PFGJ:Update changelog release<https://gitee.com/open_euler/dashboard?issue_id=I5PFGJ> tcpdump #I5QJTG:【22.03LTS】修改unixODBC.spec文件，将autoconf移入%build步骤<https://gitee.com/open_euler/dashboard?issue_id=I5QJTG> unixODBC openEuler-22.03-LTS版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I51DP2 firefox浏览器无法播放音频和视频 firefox Application I5LKKX libbluray build problem in openEuler:22.03:LTS libbluray Desktop I5LKM6 libxshmfence build problem in openEuler:22.03:LTS libxshmfence Desktop I5PEOK 【22.03_LTS_update0831】【arm/x86】iSulad包升级、降级过程存在错误信息 iSulad iSulad I5E2N2 【openEuler 22.03-LTS】5.10内核执行ltp用例出现softlockup问题 kernel Kernel I5F3QI 【openEuler22.03】【arm】ltp执行proc01用例失败 kernel Kernel I5Q4S3 [22.03-LTS]x86虚拟机卸载qxl模块，机器自动重启 kernel Kernel I5LKQ9 obs-server build problem in openEuler:22.03:LTS obs-server Others I5JIA6 【22.03 LTS update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I5JPII 【22.03_update20220727】【x86/arm】ovirt-engine源码包本地自编译失败，缺少编译依赖ovirt-jboss-modules-maven-plugin ovirt-engine oVirt I5LKR3 perl-Software-License build problem in openEuler:22.03:LTS perl-Software-License Programming-language I5LKVE socket_wrapper build problem in openEuler:22.03:LTS socket_wrapper Programming-language I5LKY8 yaffs2 build problem in openEuler:22.03:LTS yaffs2 sig-embedded I5LKHK glassfish-hk2 build problem in openEuler:22.03:LTS glassfish-hk2 sig-Java I5G9CY 升级iinstall-scripts包会导致系统启动异常 install-scripts sig-OS-Builder I5LKS8 rubygem-puma build problem in openEuler:22.03:LTS rubygem-puma sig-ruby 社区待修复漏洞： openEuler社区根据漏洞严重等级采取差异化的修复策略，请各个SIG 关注涉及CVE组件的修复情况。严重等级（Severity Rating）漏洞修复时长致命（Critical） 7天高（High） 14天中（Medium） 30天低（Low） 30天可参考社区安全委员会漏洞：https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE… 近14天将超期CVE: 漏洞编号 Issue ID 剩余天数 CVSS评分软件包责任SIG CVE-2022-2873 I5MZPG 0.07 5.5 risc-v-kernel sig-RISC-V CVE-2022-1122334 I5N6VL 1 　 risc-v-kernel sig-RISC-V CVE-2021-43612 I5N8O6 1.72 　 openvswitch Networking CVE-2022-39842 I5PRMW 1.97 7.8 risc-v-kernel sig-RISC-V CVE-2022-3202 I5QWJO 10.37 7.1 risc-v-kernel sig-RISC-V CVE-2022-3202 I5QWJN 10.37 7.1 kernel Kernel CVE-2018-0732 I5QX9V 10.7 7.5 shim Base-service CVE-2021-23840 I5QX98 10.7 7.5 shim Base-service CVE-2022-0778 I5QX8U 10.7 7.5 shim Base-service CVE-2021-3712 I5QX89 10.7 7.4 shim Base-service CVE-2022-36033 I5OPAV 11.38 　 jsoup sig-Java CVE-2022-28199 I5OQSE 11.73 6.5 dpdk sig-high-performance-network CVE-2020-35536 I5OS1X 11.83 5.5 mingw-gcc sig-compat-winapp CVE-2022-32190 I5RAQW 12.03 7.5 golang sig-golang CVE-2020-35536 I5OV75 12.04 5.5 gcc Compiler CVE-2022-3061 I5OVRO 12.09 5.5 risc-v-kernel sig-RISC-V CVE-2022-3061 I5OVRU 12.1 6.2 kernel Kernel CVE-2022-38126 I5OWHY 12.39 5.5 mingw-binutils sig-compat-winapp CVE-2022-38126 I5OWHX 12.39 5.5 binutils Compiler CVE-2022-38128 I5OWIK 12.47 5.5 mingw-binutils sig-compat-winapp CVE-2022-38128 I5OWIJ 12.47 5.5 binutils Compiler CVE-2022-38127 I5OWII 12.47 5.5 mingw-binutils sig-compat-winapp CVE-2022-38127 I5OWIH 12.47 5.5 binutils Compiler CVE-2022-2663 I5OWZ7 12.69 5.9 kernel Kernel CVE-2022-1976 I5RGF6 12.92 7.8 risc-v-kernel sig-RISC-V CVE-2022-1976 I5RG9U 12.92 7.8 kernel Kernel CVE-2022-3176 I5RJNX 13.25 7.8 risc-v-kernel sig-RISC-V CVE-2022-3176 I5RJNS 13.25 7.8 kernel Kernel CVE-2022-32087 I5RJTQ 13.31 7.5 mariadb DB CVE-2022-32091 I5RJTP 13.31 7.5 mariadb DB CVE-2022-32085 I5RJTO 13.31 7.5 mariadb DB CVE-2022-32084 I5RJTN 13.31 7.5 mariadb DB CVE-2022-32088 I5RJTM 13.31 7.5 mariadb DB CVE-2022-32083 I5RJTF 13.31 7.5 mariadb DB CVE-2022-1841 I5P3I2 13.5 5.3 zephyr 　 openEuler 社区指导文档及开放平台链接： openEuler 版本分支维护规范： https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%… openEuler release-management 版本分支PR指导： https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%… 社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/839f952696f271f83c018ccf3218cf493b92d65… 社区QA 测试平台 radiates https://radiatest.openeuler.org<https://radiatest.openeuler.org/> 车明道（openEuler release SIG） Mobile: +86 15345431107 中国(China)-杭州(Hangzhou)-滨江区江淑路360号华为杭州研发中心 HUAWEI , Jiangshu Road., Binjiang District, Hangzhou, P.R.China E-mail: chemingdao(a)huawei.com<mailto:chemingdao@huawei.com> [cid:image002.png@01D8CA8A.2A5FD210]Open Source OS for Digital Infrastructure 本邮件及其附件含有华为公司的保密信息，仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形式使用（包括但不限于全部或部分地泄露、复制、或散发）本邮件中的信息。如果您错收了本邮件，请您立即电话或邮件通知发件人并删除本邮件！ This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it

1 0

openEuler update_20220905 版本发布公告
by chemingdao 09 Sep '22

09 Sep '22

Dear all，经社区Release SIG、QA SIG及 CICD SIG 评估，openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3及openEuler-22.03-LTS update版本满足版本出口质量，现进行发布公示。本公示分为五部分： 1、openEuler-20.03-LTS-SP1 Update 20220905 发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20220905 发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20220905 发布情况及待修复缺陷 4、openEuler 关键组件待修复CVE 清单 5、openEuler 社区指导文档及开放平台链接本次update版本发布后，下一个版本里程碑点（预计在2022/09/16）提供 update_20220913版本。 openEuler-20.03-LTS-SP1 Update 20220905 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP1修复版本已知问题46个，已知漏洞17个。目前版本分支剩余待修复缺陷74个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I5PM5T?from=project-i… CVE修复： CVE 仓库 CVSS评分 CVE-2022-38784 poppler 7.8 CVE-2022-35252 curl 3.1 CVE-2022-33070 sudo 5.5 CVE-2022-2097 intel-sgx-ssl 7.5 CVE-2022-2097 linux-sgx 7.5 CVE-2022-2068 intel-sgx-ssl 9.8 CVE-2022-2068 linux-sgx 9.8 CVE-2022-1292 intel-sgx-ssl 9.8 CVE-2022-0778 intel-sgx-ssl 7.5 CVE-2022-0216 qemu 5.3 CVE-2021-4217 unzip 7.8 CVE-2021-35939 rpm 7.8 CVE-2021-35938 rpm 7.8 CVE-2021-35937 rpm 6.4 CVE-2022-1115 ImageMagick 5.5 CVE-2022-35737 sqlite 7.5 CVE-2020-25654 pacemaker 7.2 Bugfix： issue 仓库 #I5PT71:删除无用的旧库 unbound #I5Q0NA:divide some future to some subpackages systemd #I48N3Z:systemd删除编译选项rpath systemd #I5P0X4:去除重复打包文件 sssd #I5P51H:同步国密特性补丁到20.03 SP1 shadow #I5P111:【openEuler-20.03-LTS-SP1】安全扫描出samba的部分文件需要对rpath进行处理 samba #I5P02X:注意spec中changelog撰写规范 rng-tools #I5P5HU:新增支持openEuler 22.03特性 python-cryptography #I5P9BI:支持国密算法sm3 python3 #I5NUPD:注意spec中changelog撰写规范 python3 #I5POOR:删除test目录下无用的文件 python3 #I5PV8D:删除无用的旧库 ppp #I5MTS1:popt 导致单包libuser 用例失败 popt #I5NUP3:注意spec中changelog撰写规范 pkgconf #I5NUOY:注意spec中changelog撰写规范 perl-Mozilla-CA #I5NUP2:注意spec中changelog撰写规范 perl #I4FYJ3:新增sm3算法支持 passwd #I4QUCH:新增支持SM3加密算法 pam #I5PRO7:支持国密后的openssh需要依赖已支持国密算法的openssl的版本 openssh #I5JNRY:remove dependency of nss-help for nss and nss-util nss #I24YZZ:nss spec编写错误 nss #I5LIE9:执行nghttpd 8080 --no-tls -v -n -1，出现core dumped nghttp2 #I5PT79:删除无用的旧库 nettle #I5P50O:add sm3 crypt support libxcrypt #I5P4RQ:20.03-LTS-SP1分支支持sm3算法 libuser #I5PQ7B:在spec文件中新增epoch版本号 libunwind #I5PQ9M:在spec文件中删除弱依赖help包 libtdb #I5OBU0: openssh,libssh, dnsmasq社区补丁回合 libssh #I5OBUK: 开源软件包openssh，libssh和内核netlink模块的社区补丁回合 libssh #I5DMLT:Upgrade to latest release [libselinux: 3.3 -> 20200710] libselinux #I5P0QU:[20.03-LTS-SP1]libmodulemd增加对glib2>=2.62.5版本的安装依赖 libmodulemd #I5P0VK:【openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3】安全扫描出libldb的部分文件需要进行rpath处理 libldb #I4FJJH:新增sm3算法支持 libgcrypt #I5Q7WS:libdnf need higher libsolv version libdnf #I5Q7WP:add remove unlink file in pretrans devel json-c #I5Q0N9:从gnutls 中拆分出 gnutls-utils 子包 gnutls #I5PYLA:20.03 LTS SP1分支暂不开启对xz等压缩特性的支持 elfutils #I5P17B:[20.03 LTS SP1分支]解除对libdb的依赖，使用gdbm替换libdb cyrus-sasl #I5OXSE:注意spec中changelog撰写规范 curl #I5OXRX:注意spec中changelog撰写规范 createrepo_c #I5G0HT:当使用'ls'命令时，不同的文件属性回显不同的颜色 coreutils #I5PKI1:2003 版本bind回合上游社区补丁 bind #I4SAFX:anaconda国密sm3支持 anaconda #I5P5EA:add sm3 crypt support aide #I5OZWV:单包存在安全编译选项rpatch问题 acl #I5PHYF:【20.03 LTS SP1 update0831】【arm/x86】oech.service服务stop之后状态为failed oec-hardware openEuler-20.03-LTS-SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol openEuler-20.03-LTS-SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I281C1 【fuzz】runtime error: libsass Base-service I2AVD2 【20.03-LTS-SP1】obs-server包下的obs_admin命令执行报错 obs-server Others I42M57 【20.03-LTS-SP1】安装obs-api存在报错信息 obs-server Others I437CR [SP1][arm/x86]obs-server包下11个服务启动关闭，出现报错 obs-server Others I437TW obsservice启动失败 obs-server Others I43OSX [clamav] 执行clamscan --statistics pcre命令会出现error，但是最终返回码为0 clamav Others I44RHB large loop in OBJ_obj2txt openssl sig-security-facility I44RIX large loop in bn_lshift_fixed_top openssl sig-security-facility I47I56 yum升级出现dkms的错误告警打印 dkms Others I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I490MU Uncaught exception in get_tokens_unprocessed python-pygments Programming-language I4CJX9 [20.03-LTS-SP1] 389-ds-base包下的部分命令-v参数不显示版本号 three-eight-nine-ds-base Application I4CM78 [20.03-LTS-SP1]389-ds-base和389-ds-base-legacy-tools包的部分命令执行返回No instances found in /etc/sysconfig three-eight-nine-ds-base Application I4CMKY [20.03-LTS-SP1]389-ds-base-legacy-tools包中dn2rdn -v未正常返回版本信息 three-eight-nine-ds-base Application I4F8YQ integer overflow in start_input_bmp libjpeg-turbo Desktop I4F8ZI heap-buffer-overflow in get_word_rgb_row libjpeg-turbo Desktop I4F903 Unexpect-exit in start_input_tga libjpeg-turbo Desktop I4F913 Timeout in tjDecompress2 libjpeg-turbo Desktop I4FRSL Undefined-shift in bitset_set augeas Desktop I4FT5J Timeout in fa_from_re augeas Desktop I4FT5U stack overflow in fa_from_re augeas Desktop I4FT61 stack overflow in re_case_expand augeas Desktop I4FT67 memleaks in ref_make_ref augeas Desktop I4FT6B SEGV in re_case_expand augeas Desktop I4FT6F stack overflow in parse_concat_exp augeas Desktop I4FT7B stack overflow in calc_eclosure_iter augeas Desktop I4FT8E stack overflow in peek_token augeas Desktop I4FT8P stack overflow in parse_path_expr augeas Desktop I4FT97 Out of memory in ns_from_locpath augeas Desktop I4FT9A SEGV in eval_expr augeas Desktop I4FT9C SEGV in tree_prev augeas Desktop I4FT9G stack overflow in check_expr augeas Desktop I4FT9I stack overflow in free_expr augeas Desktop I4G4A5 Undefine-shift in _bfd_safe_read_leb128 binutils Compiler I4G4B1 Integer overflow in print_vms_time binutils Compiler I4G4VY memleak in parse_gnu_debugaltlink binutils Compiler I4G4WF Heap-buffer-overflow in slurp_hppa_unwind_table binutils Compiler I4G4WW Use-after-free in make_qualified_name binutils Compiler I4G4X6 memleak in byte_get_little_endian binutils Compiler I4G4XF memleak in process_mips_specific binutils Compiler I4G4Y0 out-of-memory in vms_lib_read_index binutils Compiler I4G4YJ Heap-buffer-overflow in bfd_getl16 binutils Compiler I4G4YV Floating point exception in _bfd_vms_slurp_etir binutils Compiler I4G5TL stack-buffer-overflow in redisvFormatCommand hiredis Base-service I4G5U2 AddressSanitizer CHECK failed in sdscatvprintf hiredis Base-service I4G5UN SEGV in redisvFormatCommand hiredis Base-service I4G5WG AddressSanitizer CHECK failed in sdscatlen hiredis Base-service I4G5XO Attempting free wild-addr in hi_free hiredis Base-service I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后，getdap4命令的-i和-k参数使用异常 libdap sig-recycle I4JMG4 【20.03 SP1】【arm/x86】robotframework包的三个命令：libdoc、rebot、robot执行--help/-h/-?/--version，查看帮助信息和版本信息，返回值为251 python-robotframework sig-ROS I4K6ES stack-buffer-overflow in UINT32_Marshal libtpms sig-security-facility I4K6FU global-buffer-overflow in Array_Marshal libtpms sig-security-facility I4K6R7 memleak in wrap_nettle_mpi_init gnutls sig-security-facility I4K6UI Timeout in _asn1_find_up gnutls sig-security-facility I4KT2A integer overflow in luaV_execute lua Base-service I4KT3D integer overflow in intarith lua Base-service I4KT3Q Division by zero in luaV_execute lua Base-service I4KT40 Timeout in luaV_finishget lua Base-service I4M3KE [20.03-lts-sp1]卸载abrt-addon-ccpp报错：Failed to disable unit: Unit file abrt-ccpp.service does not exist. abrt Application I4NNTR [SP1][x86/arm]执行isula pull busybox,报错"fetch and parse manifest failed" iSulad iSulad I4NO1Z 【SP1-arm/x86】openhpi升级有报错信息 openhpi System-tool I4O16Z 【SP1_update/arm】安装kernel-4.19.90-2108版本有错误提示信息 kernel Kernel I4OLAW 【20.03-LTS-SP1】【arm/x86】gcc_secure脚本中的exclude字段判断它期望排除gcc包，但实际上它依然会影响到gcc的构建 gcc_secure Others I4QV6N 【openEuler-20.03-LTS-SP1】flink命令执行失败 flink sig-bigdata I56KUR 【SP1 update 20220506】mysql5包在x86架构下，本地使用rpmbuild编译失败 mysql5 DB I5DKCS 【20.03 LTS SP1】【arm/x86】安装munge之后，缺少/usr/sbin/create-munge-key文件导致服务启动失败 munge Application I5G81X 【20.03 SP1】selinux-policy卸载异常 selinux-policy sig-security-facility I5GT2K 【20.03-SP1】【arm/x86】pcp-system-tools包下的pcp-mpstat命令执行报错 pcp Application I5IG1V 【20.03-SP1】【x86/arm】epol源下的efl、efl-devel软件包安装报错，gpg检查失败 efl sig-compat-winapp I5IG6K 【20.03-SP1】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5JHX2 【20.03 SP1 update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I5JNSL 【20.03 SP1 update 20220727】【arm】htcacheclean.service服务启动之后，日志中提示”Can't open PID file /run/httpd/htcacheclean/pid“ httpd Networking I5O40D 【20.03 SP1】linux-sgx-driver在20.03 SP1分支安装有异常告警 linux-sgx-driver sig-confidential-computing I5Q5D1 【20.03 SP1】ibus在sp1分支安装有异常告警 ibus Desktop openEuler-20.03-LTS-SP3 Update 20220905 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP3修复版本已知问题10个，已知漏洞17个。目前版本分支剩余待修复缺陷18个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I5PM5U?from=project-i… CVE修复：需求类型软件包优先级 CVE-2022-38784 poppler 7.8 CVE-2022-35252 curl 3.1 CVE-2022-33070 sudo 5.5 CVE-2022-2097 intel-sgx-ssl 7.5 CVE-2022-2097 linux-sgx 7.5 CVE-2022-2068 intel-sgx-ssl 9.8 CVE-2022-2068 linux-sgx 9.8 CVE-2022-1292 intel-sgx-ssl 9.8 CVE-2022-0778 intel-sgx-ssl 7.5 CVE-2022-0216 qemu 5.3 CVE-2021-4217 unzip 7.8 CVE-2021-35939 rpm 7.8 CVE-2021-35938 rpm 7.8 CVE-2021-35937 rpm 6.4 CVE-2022-1115 ImageMagick 5.5 CVE-2022-35737 sqlite 7.5 CVE-2020-25654 pacemaker 7.2 Bugfix： issue 仓库 #I5PT71:删除无用的旧库 unbound #I5PV8D:删除无用的旧库 ppp #I5MTS1:popt 导致单包libuser 用例失败 popt #I5LIE9:执行nghttpd 8080 --no-tls -v -n -1，出现core dumped nghttp2 #I5PT79:删除无用的旧库 nettle #I5OBU0: openssh,libssh, dnsmasq社区补丁回合 libssh #I5OBUK: 开源软件包openssh，libssh和内核netlink模块的社区补丁回合 libssh #I5P0VK:【openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3】安全扫描出libldb的部分文件需要进行rpath处理 libldb #I5OXSE:注意spec中changelog撰写规范 curl #I5PHZL:【20.03 LTS SP3 update0831】【arm/x86】oech.service服务stop之后状态为failed oec-hardware openEuler-20.03-LTS-SP3版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol openEuler-20.03-LTS-SP3 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I4OLHP 【20.03-LTS-SP3】【arm/x86】gcc_secure脚本中的exclude字段判断它期望排除gcc包，但实际上它依然会影响到gcc的构建 gcc_secure Others I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败 flink sig-bigdata I4RVHE losetup : 当loop设备编号超过7位时，losetup命令无法操作该设备 util-linux Base-service I4UMEV [openEuler 20.03-LTS SP3]openEuler开启crash_kexec_post_notifiers后，panic通知链无法完全遍历 kernel Kernel I5IGAS 【20.03-SP3】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5IGOR 【20.03-SP3】【x86/arm】epol源下的fluidsynth、fluidsynth-devel、fluidsynth-help软件包安装报错，gpg检查失败 fluidsynth Application I5JBJ9 【20.03 SP3_EPOL_update20220727】ovirt-engine-backend包卸载过程的告警信息需要优化 ovirt-engine oVirt I5JLNF 【20.03 SP3 update 20220727】【arm/x86】ovirt-websocket-proxy.service服务启动失败 ovirt-engine oVirt I5JLRQ 【20.03 SP3 update 20220727】【arm/x86】ovirt-engine-notifier.service服务启动失败 ovirt-engine oVirt I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败，导致mom-vdsm.service服务无法启动成功 vdsm oVirt I5LYJK 【20.03-sp3_update20220801】【x86】对内核版进行升级后，TCP_option_address安装异常 TCP_option_address Kernel I5NU6W [20.03-LTS-SP3]dnf无法安装libtirpc-devel dnf sig-OS-Builder I5P8S5 【20.03_SP3_update0831】【arm/x86】iSulad因缺少依赖导致无法安装 iSulad iSulad I5PH70 [20.03-LTS-SP3]spec文件存在软件包编译依赖自身，且打包包含系统环境文件 brltty Desktop I5PHJA [20.03-LTS-SP3]spec文件存在软件包编译依赖自身，且打包包含系统环境文件 hunspell Desktop I5PT12 [20.03-LTS-SP3]spec文件存在软件包编译依赖自身，且打包包含系统环境文件 ima-evm-utils Base-service I5PUIA [20.03-LTS-SP3]spec文件存在软件包编译依赖自身，且打包包含系统环境文件 qrencode Desktop openEuler-22.03-LTS Update 20220905 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题16个，已知漏洞19个。目前版本分支剩余待修复缺陷17个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I5PM5V?from=project-i… CVE修复： CVE 仓库 score CVE-2022-38784 poppler 7.8 CVE-2022-35252 curl 3.1 CVE-2022-33070 sudo 5.5 CVE-2022-2938 kernel 7.8 CVE-2022-2586 kernel 6.7 CVE-2022-2097 intel-sgx-ssl 7.5 CVE-2022-2097 linux-sgx 7.5 CVE-2022-2068 intel-sgx-ssl 9.8 CVE-2022-2068 linux-sgx 9.8 CVE-2022-1615 samba 5.1 CVE-2022-1292 intel-sgx-ssl 9.8 CVE-2022-0778 intel-sgx-ssl 7.5 CVE-2022-0216 qemu 5.3 CVE-2021-4217 unzip 7.8 CVE-2021-35939 rpm 7.8 CVE-2021-35938 rpm 7.8 CVE-2021-35937 rpm 6.4 CVE-2022-1115 ImageMagick 5.5 CVE-2022-35737 sqlite 7.5 Bugfix： issue 仓库 #I5OKLJ:rpmbuild -bp时会有额外警告信息 tcpdump #I5Q7A5:ruby添加multi-version分支 ruby #I5MTS1:popt 导致单包libuser 用例失败 popt #I5LIE9:执行nghttpd 8080 --no-tls -v -n -1，出现core dumped nghttp2 #I5OBU0: openssh,libssh, dnsmasq社区补丁回合 libssh #I5OBUK: 开源软件包openssh，libssh和内核netlink模块的社区补丁回合 libssh #I5POF1:Fix kernel BUG in purge_effective_progs kernel #I5G0HT:当使用'ls'命令时，不同的文件属性回显不同的颜色 coreutils #I5Q70S:autoconf添加multi-version分支 autoconf #I5Q76F:rubygem-bundler添加multi-version分支 rubygem-bundler #I5Q77G:passenger添加multi-version分支 passenger #I5PHWS:【22.03 LTS update0831】【arm/x86】oech.service服务stop之后状态为failed oec-hardware #I5Q79Q:obs-server添加multi-version分支 obs-server #I5Q78Z:obs-bundled-gems添加multi-version分支 obs-bundled-gems #I5P33I:【软件升级】openEuler 22.03-LTS\22.03-LTS-Next版本sqlite升级到3.37.2 sqlite #I5PS4C:integer overflow on gigabyte string sqlite openEuler-22.03-LTS版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I51DP2 firefox浏览器无法播放音频和视频 firefox Application I5E2N2 【openEuler 22.03-LTS】5.10内核执行ltp用例出现softlockup问题 kernel Kernel I5F3QI 【openEuler22.03】【arm】ltp执行proc01用例失败 kernel Kernel I5G9CY 升级iinstall-scripts包会导致系统启动异常 install-scripts sig-OS-Builder I5JIA6 【22.03 LTS update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I5JPII 【22.03_update20220727】【x86/arm】ovirt-engine源码包本地自编译失败，缺少编译依赖ovirt-jboss-modules-maven-plugin ovirt-engine oVirt I5LKHK glassfish-hk2 build problem in openEuler:22.03:LTS glassfish-hk2 sig-Java I5LKKX libbluray build problem in openEuler:22.03:LTS libbluray Desktop I5LKM6 libxshmfence build problem in openEuler:22.03:LTS libxshmfence Desktop I5LKQ9 obs-server build problem in openEuler:22.03:LTS obs-server Others I5LKR3 perl-Software-License build problem in openEuler:22.03:LTS perl-Software-License Programming-language I5LKS8 rubygem-puma build problem in openEuler:22.03:LTS rubygem-puma sig-ruby I5LKVE socket_wrapper build problem in openEuler:22.03:LTS socket_wrapper Programming-language I5LKY8 yaffs2 build problem in openEuler:22.03:LTS yaffs2 sig-embedded I5LKYU zeromq build problem in openEuler:22.03:LTS zeromq dev-utils I5PEOK 【22.03_LTS_update0831】【arm/x86】iSulad包升级、降级过程存在错误信息 iSulad iSulad I5Q4S3 [22.03-LTS]x86虚拟机卸载qxl模块，机器自动重启 kernel Kernel 社区待修复漏洞： openEuler社区根据漏洞严重等级采取差异化的修复策略，请各个SIG 关注涉及CVE组件的修复情况。严重等级（Severity Rating）漏洞修复时长致命（Critical） 7天高（High） 14天中（Medium） 30天低（Low） 30天可参考社区安全委员会漏洞：https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE… 近14天将超期CVE: 漏洞编号 Issue ID 剩余天数 CVSS评分软件包责任SIG CVE-2020-19599 I5LYRN 1.08 　 mingw-binutils sig-compat-winapp CVE-2020-19599 I5LYRL 1.08 　 binutils Compiler CVE-2020-27834 I5M41P 1.79 　 zabbix Base-service CVE-2022-3028 I5OPA5 3.13 7 risc-v-kernel sig-RISC-V CVE-2022-2132 I5OUCA 3.75 8.6 ceph sig-ceph CVE-2019-1010180 I5OX4N 4.46 7.8 crash Base-service CVE-2014-3627 I5MF0I 4.87 　 hadoop sig-bigdata CVE-2015-3254 I5MF05 4.87 　 thrift Base-service CVE-2015-1776 I5MF03 4.87 　 hadoop sig-bigdata CVE-2018-1263 I5MF00 4.87 　 hadoop sig-bigdata CVE-2018-1261 I5MEZZ 4.87 　 hadoop sig-bigdata CVE-2018-8008 I5MEZX 4.87 　 hadoop sig-bigdata CVE-2018-1002207 I5MEZW 4.87 　 hadoop sig-bigdata CVE-2018-1002206 I5MEZT 4.87 　 hadoop sig-bigdata CVE-2018-1002205 I5MEZS 4.87 　 hadoop sig-bigdata CVE-2018-1002202 I5MEZN 4.87 　 hadoop sig-bigdata CVE-2018-1002201 I5MEZM 4.87 　 hadoop sig-bigdata CVE-2018-1002204 I5MEZK 4.87 　 hadoop sig-bigdata CVE-2018-1002203 I5MEZI 4.87 　 hadoop sig-bigdata CVE-2022-2586 I5MEZD 4.87 6.7 kernel Kernel CVE-2020-35537 I5P3HS 5.24 7.5 gcc Compiler CVE-2020-35537 I5P3HR 5.24 7.5 mingw-gcc sig-compat-winapp CVE-2022-1292 I5QBRK 5.67 9.8 linux-sgx sig-confidential-computing CVE-2018-18398 I5MM9C 5.91 4.7 Thunar xfce CVE-2022-2735 I5PB18 6.14 8.8 pcs sig-Ha CVE-2022-39170 I5PE5J 6.65 8.8 libdwarf Programming-language CVE-2021-34538 I5PJ0J 7.48 7.5 hive sig-bigdata CVE-2022-39189 I5PJ7H 7.52 7.8 kernel Kernel CVE-2022-2873 I5MZPG 7.84 5.5 risc-v-kernel sig-RISC-V CVE-2022-2873 I5MZPE 7.84 6.2 kernel Kernel CVE-2022-3099 I5PKPN 8.14 7.8 vim Base-service CVE-2022-26373 I5N1SO 8.48 5.5 kernel Kernel CVE-2022-1122334 I5N6VL 8.76 　 risc-v-kernel sig-RISC-V CVE-2022-1122334 I5N6VH 8.76 　 kernel Kernel CVE-2022-2308 I5N8AK 8.98 6.3 kernel Kernel CVE-2022-2526 I5N8FQ 9.11 　 NutShell-systemd sig-RISC-V CVE-2021-43612 I5N8O6 9.48 　 openvswitch Networking CVE-2022-39842 I5PRMW 9.74 7.8 risc-v-kernel sig-RISC-V CVE-2022-3134 I5Q1AB 11.31 7.8 vim Base-service CVE-2022-0778 I5Q1KA 11.44 7.5 openssl sig-security-facility CVE-2022-38060 I5Q6KF 11.78 8.8 openstack-kolla sig-openstack CVE-2020-0433 I5QBU1 12.67 7.8 kernel Kernel CVE-2019-9458 I5QBTO 12.67 7 kernel Kernel CVE-2022-25308 I5QBT3 12.67 7.8 fribidi Desktop CVE-2022-0778 I5QBRO 12.67 7.5 linux-sgx sig-confidential-computing CVE-2021-33503 I5QBQW 12.67 7.5 python-pip Base-service CVE-2022-24795 I5QBQ1 12.67 7.5 yajl Base-service CVE-2022-2977 I5NWQ0 13.72 　 risc-v-kernel sig-RISC-V CVE-2022-2964 I5NYSB 13.85 　 risc-v-kernel sig-RISC-V openEuler 社区指导文档及开放平台链接： openEuler 版本分支维护规范： https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%… openEuler release-management 版本分支PR指导： https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%… 社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/839f952696f271f83c018ccf3218cf493b92d65… 社区QA 测试平台 radiates https://radiatest.openeuler.org<https://radiatest.openeuler.org/> 车明道（openEuler release SIG） Mobile: +86 15345431107 中国(China)-杭州(Hangzhou)-滨江区江淑路360号华为杭州研发中心 HUAWEI , Jiangshu Road., Binjiang District, Hangzhou, P.R.China E-mail: chemingdao(a)huawei.com<mailto:chemingdao@huawei.com> [cid:image003.png@01D8C491.862F2BD0]Open Source OS for Digital Infrastructure 本邮件及其附件含有华为公司的保密信息，仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形式使用（包括但不限于全部或部分地泄露、复制、或散发）本邮件中的信息。如果您错收了本邮件，请您立即电话或邮件通知发件人并删除本邮件！ This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it

1 0

2024

2023

2022

2021

2020

Sa-announce September 2022