Sa-announce October 2023

sa-announce@openeuler.org

1 participants
3 discussions

[Release] openEuler update_20231025版本发布公告
by update版本发布邮箱 28 Oct '23

28 Oct '23

主题: openEuler update_20231025版本发布公告 Dear all，经社区Release SIG、QA SIG及 CICD SIG 评估，openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3、openEuler-22.03-LTS、openEuler-22.03-LTS-SP1及openEuler-22.03-LTS-SP2 update版本满足版本出口质量，现进行发布公示。本公示分为八部分： 1、openEuler-20.03-LTS-SP1 Update 20231025发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20231025发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20231025发布情况及待修复缺陷 4、openEuler-22.03-LTS-SP1 Update 20231025发布情况及待修复缺陷 5、openEuler-22.03-LTS-SP2 Update 20231025发布情况及待修复缺陷 6、openEuler 关键组件待修复CVE 清单 7、openEuler 关键组件待修复缺陷清单 8、openEuler 社区指导文档及开放平台链接本次update版本发布后，下一个版本里程碑点（预计在2023/11/03）提供 update_20231101 版本。 openEuler-20.03-LTS-SP1 Update 20231025 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP1修复版本已知问题3个，已知漏洞6个。目前版本分支剩余待修复缺陷10个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I8A0BN?from=project-i… CVE修复： CVE 仓库 score #I885FJ:CVE-2023-45862<https://gitee.com/open_euler/dashboard?issue_id=I885FJ> kernel 7.5 #I89ET5:CVE-2020-4030<https://gitee.com/open_euler/dashboard?issue_id=I89ET5> freerdp 6.5 #I85CAT:CVE-2023-39192<https://gitee.com/open_euler/dashboard?issue_id=I85CAT> kernel 6 #I85DZB:CVE-2023-42754<https://gitee.com/open_euler/dashboard?issue_id=I85DZB> kernel 5.5 #I89672:CVE-2023-44487<https://gitee.com/open_euler/dashboard?issue_id=I89672> nghttp2 1 #I885ON:CVE-2023-45871<https://gitee.com/open_euler/dashboard?issue_id=I885ON> kernel 1 Bugfix： issue 仓库 #I8AQGX:升级oec-hardware到v1.1.5版本<https://gitee.com/open_euler/dashboard?issue_id=I8AQGX> oec-hardware #I85XYV:[openEuler-1.0-LTS] 修复ktask_init()内存泄漏<https://gitee.com/open_euler/dashboard?issue_id=I85XYV> kernel #I85XYM:[openEuler-1.0-LTS] 修复ktask_init()空指针解引用<https://gitee.com/open_euler/dashboard?issue_id=I85XYM> kernel openEuler-20.03-LTS-SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol openEuler-20.03-LTS-SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/docker_img/update/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高)：里程碑任务ID 任务标题优先级 sig组关联仓库任务路径 openEuler 20.03LTS SP1 update2103 I3E5C1 【20.03-SP1】【arm/x86】服务启动失败主要 regression-failed src-openEuler/hadoop https://gitee.com/open_euler/dashboard?issue_id=I3E5C1 openEuler 20.03LTS SP1 update210901 I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败主要 sig-oVirt src-openEuler/ovirt-cockpit-sso https://gitee.com/open_euler/dashboard?issue_id=I48GIM openEuler 20.03-LTS-SP1 I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后，getdap4命令的-i和-k参数使用异常主要 sig/sig-recycle src-openEuler/libdap https://gitee.com/open_euler/dashboard?issue_id=I4J0OY openEuler 20.03-LTS-SP1 I4JMG4 【20.03 SP1】【arm/x86】robotframework包的三个命令：libdoc、rebot、robot执行--help/-h/-?/--version，查看帮助信息和版本信息，返回值为251 主要 sig/sig-ROS src-openEuler/python-robotframework https://gitee.com/open_euler/dashboard?issue_id=I4JMG4 openEuler 20.03-LTS-SP1 I5DLX7 [20.03 22.03] 管理员指南操作文档mysql服务搭建指导文档有误主要 sig/doc openEuler/docs https://gitee.com/open_euler/dashboard?issue_id=I5DLX7 openEuler 20.03-LTS-SP1 I6VFAE [20.03 SP1] [x86/arm] mariadb授权给远程用户，远程连接服务失败次要 sig/DB src-openEuler/mariadb https://gitee.com/open_euler/dashboard?issue_id=I6VFAE openEuler-20.03-LTS-SP1 I3QGU7 系统不支持GB18030 无优先级 sig/TC openEuler/community https://gitee.com/open_euler/dashboard?issue_id=I3QGU7 openEuler 20.03LTS SP1 update210926 I4CMSV 【20.03-LTS-SP1】【arm/x86】搭建Kubernetes 集群缺少包etcd 无优先级 sig/TC openEuler/community https://gitee.com/open_euler/dashboard?issue_id=I4CMSV openEuler 20.03LTS SP1 update220111 I4QV6N 【openEuler-20.03-LTS-SP1】flink命令执行失败无优先级 sig/sig-ai-bigdata src-openEuler/flink https://gitee.com/open_euler/dashboard?issue_id=I4QV6N openEuler-20.03-LTS-SP1-dailybuild I5Y99T mate-desktop install problem in openEuler:20:03:LTS:SP1 无优先级 sig/sig-mate-desktop src-openEuler/mate-desktop https://gitee.com/open_euler/dashboard?issue_id=I5Y99T openEuler-20.03-LTS-SP3 Update 20231025 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP3修复版本已知问3个，已知漏洞7个。目前版本分支剩余待修复缺陷 6个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I8A0BO?from=project-i… CVE修复： CVE 仓库 score #I885FJ:CVE-2023-45862<https://gitee.com/open_euler/dashboard?issue_id=I885FJ> kernel 7.5 #I84XBX:CVE-2023-40660<https://gitee.com/open_euler/dashboard?issue_id=I84XBX> opensc 6.3 #I85CAT:CVE-2023-39192<https://gitee.com/open_euler/dashboard?issue_id=I85CAT> kernel 6 #I85DZB:CVE-2023-42754<https://gitee.com/open_euler/dashboard?issue_id=I85DZB> kernel 5.5 #I89GY7:CVE-2023-5625<https://gitee.com/open_euler/dashboard?issue_id=I89GY7> python-eventlet 5.3 #I89672:CVE-2023-44487<https://gitee.com/open_euler/dashboard?issue_id=I89672> nghttp2 1 #I885ON:CVE-2023-45871<https://gitee.com/open_euler/dashboard?issue_id=I885ON> kernel 1 Bugfix： issue 仓库 #I85XYM:[openEuler-1.0-LTS] 修复ktask_init()空指针解引用<https://gitee.com/open_euler/dashboard?issue_id=I85XYM> kernel #I85XYV:[openEuler-1.0-LTS] 修复ktask_init()内存泄漏<https://gitee.com/open_euler/dashboard?issue_id=I85XYV> kernel #I8AQGX:升级oec-hardware到v1.1.5版本<https://gitee.com/open_euler/dashboard?issue_id=I8AQGX> oec-hardware openEuler-20.03-LTS-SP3版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol openEuler-20.03-LTS-SP3 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/docker_img/update/ openEuler CVE及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高)：里程碑任务ID 任务标题优先级 sig组关联仓库任务路径 openEuler 20.03-LTS-SP3 I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败主要 sig/oVirt src-openEuler/ovirt-cockpit-sso https://gitee.com/open_euler/dashboard?issue_id=I5KXUY openEuler-20.03-LTS-SP3 I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败，导致mom-vdsm.service服务无法启动成功主要 sig/oVirt src-openEuler/vdsm https://gitee.com/open_euler/dashboard?issue_id=I5KY4S openEuler-20.03-LTS-SP3 I6VFMI [20.03 SP3] [x86/arm] mariadb授权给远程用户，远程连接服务失败次要 sig/DB src-openEuler/mariadb https://gitee.com/open_euler/dashboard?issue_id=I6VFMI openEuler-20.03-LTS-SP3 I72HWV 【20.03-lts-sp3】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败次要 sig/Base-service src-openEuler/php https://gitee.com/open_euler/dashboard?issue_id=I72HWV openEuler-20.03-LTS-SP3 I7QP67 [20.03-LTS-SP3]openssh自编译失败，提示缺少bc命令次要 sig/Base-service src-openEuler/openEuler-release https://gitee.com/open_euler/dashboard?issue_id=I7QP67 openEuler 20.03LTS SP3 update220111 I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败无优先级 sig/sig-ai-bigdata src-openEuler/flink https://gitee.com/open_euler/dashboard?issue_id=I4QV7S openEuler-22.03-LTS Update 20231025 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题2个，已知漏洞4个。目前版本分支剩余待修复缺陷4个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I8A0BQ?from=project-i… CVE修复： CVE 仓库 score #I89456:CVE-2023-5632<https://gitee.com/open_euler/dashboard?issue_id=I89456> mosquitto 7.5 #I7Z2PQ:CVE-2023-3592<https://gitee.com/open_euler/dashboard?issue_id=I7Z2PQ> mosquitto 5.8 #I6Q3J1:CVE-2023-1625<https://gitee.com/open_euler/dashboard?issue_id=I6Q3J1> openstack-heat 5 #I89672:CVE-2023-44487<https://gitee.com/open_euler/dashboard?issue_id=I89672> nghttp2 1 Bugfix： issue 仓库 #I89ZH5:SSLEngine throws NPE parsing CertificateRequests<https://gitee.com/open_euler/dashboard?issue_id=I89ZH5> openjdk-11 #I8AQGX:升级oec-hardware到v1.1.5版本<https://gitee.com/open_euler/dashboard?issue_id=I8AQGX> oec-hardware openEuler-22.03-LTS版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/docker_img/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/ob… openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-22.03-LTS Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高)：里程碑任务ID 任务标题优先级 sig组关联仓库任务路径 openEuler-22.03-LTS update20230726 I7ORCE 【22.03 LTS update20230726】【arm\x86】selinux-policy-base的版本不符合ceph子包的安装条件，ceph子包安装失败; cephadm卸载有异常打印主要 sig/sig-SDS src-openEuler/ceph https://gitee.com/open_euler/dashboard?issue_id=I7ORCE openEuler-22.03-LTS I596H5 openEuler官网中安全加固指南模块—>加固指导—>系统服务—>ssh加固项说明：加固建议中多添加了@符号次要 sig/doc openEuler/docs https://gitee.com/open_euler/dashboard?issue_id=I596H5 openEuler-22.03-LTS I6VFRX [22.03-LTS][x86/arm]mariadb授权给远程用户，远程连接服务失败次要 sig/DB src-openEuler/mariadb https://gitee.com/open_euler/dashboard?issue_id=I6VFRX openEuler-22.03-LTS I72N5G 【22.03-lts】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败次要 sig/Base-service src-openEuler/php https://gitee.com/open_euler/dashboard?issue_id=I72N5G openEuler-22.03-LTS-SP1 Update 20231025 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS-SP1修复版本已知问题2个，已知漏洞5个。目前版本分支剩余待修复缺陷10个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I8A0BM?from=project-i… CVE修复： CVE 仓库 score #I89456:CVE-2023-5632<https://gitee.com/open_euler/dashboard?issue_id=I89456> mosquitto 7.5 #I7Z2PQ:CVE-2023-3592<https://gitee.com/open_euler/dashboard?issue_id=I7Z2PQ> mosquitto 5.8 #I6Q3J1:CVE-2023-1625<https://gitee.com/open_euler/dashboard?issue_id=I6Q3J1> openstack-heat 5 #I78FS1:CVE-2023-2898<https://gitee.com/open_euler/dashboard?issue_id=I78FS1> kernel 4.4 #I89672:CVE-2023-44487<https://gitee.com/open_euler/dashboard?issue_id=I89672> nghttp2 1 Bugfix： issue 仓库 #I898S0:[22.03 LST][Train]nova高低优先级特性cpu_priority_mix_enable找不到<https://gitee.com/open_euler/dashboard?issue_id=I898S0> openstack-nova #I8AQGX:升级oec-hardware到v1.1.5版本<https://gitee.com/open_euler/dashboard?issue_id=I8AQGX> oec-hardware openEuler-22.03-LTS SP1版本编译构建信息查询链接： https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1 https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1:Ep… openEuler-22.03-LTS SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS-SP1/docker_img/update/ https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio… https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio… https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio… openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-22.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高)：里程碑任务ID 任务标题优先级 sig组关联仓库任务路径 openEuler 22.03-SP1 I6B4V1 【22.03 SP1 update 20230118】【arm】libhdfs在arm架构降级失败，x86正常主要 sig/bigdata src-openEuler/hadoop https://gitee.com/open_euler/dashboard?issue_id=I6B4V1 openEuler-22.03-LTS-SP1 I7LW30 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in wide_int_to_tree_1, at tree.c:1575) 主要 sig/Compiler openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7LW30 openEuler-22.03-LTS-SP1 I7LWCW 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:internal compiler error: Segmentation fault 主要 sig/Compiler openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7LWCW openEuler-22.03-LTS-SP1 I7LWK7 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4394) 主要 sig/Compiler openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7LWK7 openEuler-22.03-LTS-SP1 I7LWO1 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during RTL pass: expand(in convert_move, at expr.c:219) 主要 sig/Compiler openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7LWO1 openEuler-22.03-LTS-SP1 I7LX07 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4379) 主要 sig/Compiler openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7LX07 openEuler-22.03-LTS-SP1 update20230726 I7OR2I 【22.03 LTS SP1 update20230726】【arm\x86】selinux-policy-base的版本不符合ceph子包的安装条件，ceph子包安装失败主要 sig/sig-SDS src-openEuler/ceph https://gitee.com/open_euler/dashboard?issue_id=I7OR2I openEuler-22.03-LTS-SP1 I6VFV6 [22.03 SP1] [x86/arm] mariadb授权给远程用户，远程连接服务失败次要 sig/DB src-openEuler/mariadb https://gitee.com/open_euler/dashboard?issue_id=I6VFV6 openEuler-22.03-LTS-SP1 I73CKF 【22.03-lts-sp1】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败次要 sig/Base-service src-openEuler/php https://gitee.com/open_euler/dashboard?issue_id=I73CKF openEuler-20.03-LTS-SP1-dailybuild I5Y99T mate-desktop install problem in openEuler:20:03:LTS:SP1 无优先级 sig/sig-mate-desktop src-openEuler/mate-desktop https://gitee.com/open_euler/dashboard?issue_id=I5Y99T openEuler-22.03-LTS-SP2 Update 20231025 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS-SP2修复版本已知问题2个，已知漏洞4个。目前版本分支剩余待修复缺陷2个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS-SP2 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I88AE9?from=project-i… CVE修复： CVE 仓库 score #I89456:CVE-2023-5632<https://gitee.com/open_euler/dashboard?issue_id=I89456> mosquitto 7.5 #I84XBX:CVE-2023-40660<https://gitee.com/open_euler/dashboard?issue_id=I84XBX> opensc 6.3 #I7Z2PQ:CVE-2023-3592<https://gitee.com/open_euler/dashboard?issue_id=I7Z2PQ> mosquitto 5.8 #I89672:CVE-2023-44487<https://gitee.com/open_euler/dashboard?issue_id=I89672> nghttp2 1 Bugfix： issue 仓库 #I8AQGX:升级oec-hardware到v1.1.5版本<https://gitee.com/open_euler/dashboard?issue_id=I8AQGX> oec-hardware #I7Y90Y:回合上游社区补丁,补丁数量：3<https://gitee.com/open_euler/dashboard?issue_id=I7Y90Y> python3 openEuler-22.03-LTS SP2版本编译构建信息查询链接： https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2 https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2:Ep… openEuler-22.03-LTS SP2 Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS-SP2/update/ https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS-SP2/hotpatch_update/ https://repo.openeuler.org/openEuler-22.03-LTS-SP2/docker_img/update/ https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio… https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio… openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ https://repo.openeuler.org/security/data/hotpatch_cvrf/ openEuler-22.03-LTS-SP2 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高)：里程碑任务ID 任务标题优先级 sig组关联仓库任务路径 openEuler-22.03-LTS-SP2-round-2 I795G3 【22.03-LTS-SP2 round2】本次转测源中出现多个版本的containers-common 主要 sig/sig-CloudNative src-openEuler/skopeo https://gitee.com/open_euler/dashboard?issue_id=I795G3 openEuler-22.03-LTS-SP2-SEC I7AFIR 【22.03-LTS-SP2 round2】【x86/arm】libkae-1.2.10-6.oe2203sp2安全编译选项Rpath/Runpath不满足主要 sig-AccLib src-openEuler/libkae https://gitee.com/open_euler/dashboard?issue_id=I7AFIR 社区待修复漏洞： openEuler社区根据漏洞严重等级采取差异化的修复策略，请各个SIG 关注涉及CVE组件的修复情况。严重等级（Severity Rating）漏洞修复时长致命（Critical） 7天高（High） 14天中（Medium） 30天低（Low） 30天可参考社区安全委员会漏洞：https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE… 近14天将超期CVE（10.28日数据）: 漏洞编号 Issue ID 剩余天数 CVSS评分软件包责任SIG CVE-2023-45871 I885ON 0.14 9.8 kernel Kernel CVE-2023-41419 I84A04 5.55 9.8 python-gevent Programming-language CVE-2023-4584 I7WZ0C 1.14 8.8 firefox Application CVE-2023-32215 I71R4G 6.64 8.8 firefox Application CVE-2023-32213 I71R3Y 6.64 8.8 firefox Application CVE-2023-32207 I71R3W 6.64 8.8 firefox Application CVE-2023-29536 I6UVEI 6.64 8.8 firefox Application CVE-2023-29541 I6UVDN 6.64 8.8 firefox Application CVE-2023-29539 I6UVDJ 6.64 8.8 firefox Application CVE-2023-29550 I6UVCU 6.64 8.8 firefox Application CVE-2023-5217 I8AM9P 10.65 8.8 firefox Application CVE-2022-4886 I8B7TO 12.65 8.8 kubernetes sig-CloudNative CVE-2023-32254 I74FJA 10.65 8.1 kernel Kernel CVE-2019-16549 I8AXKW 12.65 8.1 maven sig-Java CVE-2023-46136 I8B1W7 12.65 8.0 python-werkzeug Programming-language CVE-2023-5717 I8B1X3 12.65 7.8 kernel Kernel CVE-2023-5557 I8BFS5 13.65 7.7 tracker3-miners GNOME CVE-2023-5044 I8B7T9 12.65 7.6 kubernetes sig-CloudNative CVE-2023-1999 I6VVSM 0.64 7.5 firefox Application CVE-2023-5632 I89456 4.66 7.5 mosquitto Application CVE-2023-45862 I885FJ 7.14 7.5 kernel Kernel CVE-2023-39325 I87L5D 8.98 7.5 golang sig-golang CVE-2023-31418 I8B9NG 13.65 7.5 python-elasticsearch7 sig-EasyLife CVE-2023-45677 I89S80 7.65 7.3 stb UKUI CVE-2023-45666 I89S7V 7.65 7.3 stb UKUI CVE-2023-45681 I89S7R 7.65 7.3 stb UKUI CVE-2023-45679 I89S7J 7.65 7.3 stb UKUI CVE-2023-45676 I89S6R 7.65 7.3 stb UKUI CVE-2023-45664 I89S4Q 7.65 7.3 stb UKUI CVE-2023-4575 I7WYY3 1.14 6.5 firefox Application CVE-2023-43898 I85EOY 5.75 5.5 stb UKUI CVE-2023-42754 I85DZB 10.47 5.5 kernel Kernel CVE-2023-4039 I80VW6 3.14 4.8 gcc Compiler CVE-2023-39194 I85DZ6 14.65 4.4 kernel Kernel CVE-2023-46604 I8BKJ8 6.65 10.0 activemq Application CVE-2023-42117 I8579C 1.56 0.0 exim Application CVE-2023-42116 I8579B 1.56 0.0 exim Application CVE-2023-42115 I8579A 1.56 0.0 exim Application CVE-2023-42119 I85799 1.56 0.0 exim Application CVE-2023-42114 I85797 1.56 0.0 exim Application CVE-2023-42118 I85795 1.56 0.0 exim Application CVE-2023-5388 I87Q34 14.51 0.0 nss sig-security-facility 社区关键组件待修复缺陷： openEuler社区存在无版本里程碑的缺陷，请各个SIG 关注涉及质量等级为L1-L2软件包的缺陷修复情况。社区提单可参考社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/master/%E7%A4%BE%E5%8C%BA%E7%89%88%E6%9… 关键组件待修复缺陷清单（无版本里程碑）：序号任务ID 任务标题任务类型创建时间优先级 sig组关联仓库任务路径 1 I8A77R Upgrade to latest release [alsa-lib: 1.2.9 2023/05/04 -> 1.2.10 2023/09/01] 任务 2023/10/23 16:22 无优先级 Computing src-openEuler/alsa-lib https://gitee.com/open_euler/dashboard?issue_id=I8A77R 2 I8AEZV openEuler bash 稀疏数组问题 (sparse array issue) 缺陷 2023/10/24 12:31 无优先级 Base-service src-openEuler/bash https://gitee.com/open_euler/dashboard?issue_id=I8AEZV 3 I7YM8F bunzip2 -L/-V和bzcat -L/-V查询信息打印异常且返回值不为0 任务 2023/9/5 11:06 无优先级 Base-service src-openEuler/bzip2 https://gitee.com/open_euler/dashboard?issue_id=I7YM8F 4 I6TQ8W curl命令向hadoop3.2.1 webhdfs put文件失败任务 2023/4/7 18:02 严重 Networking src-openEuler/curl https://gitee.com/open_euler/dashboard?issue_id=I6TQ8W 5 I80L4F [openEuler-22.03-LTS-Next]引入Lustre 修改版本e2fsprogs多版本支持任务 2023/9/12 10:26 无优先级 Storage src-openEuler/e2fsprogs https://gitee.com/open_euler/dashboard?issue_id=I80L4F 6 I89C8M 回合上游社区补丁,补丁数量：12 缺陷 2023/10/19 15:38 无优先级 Storage src-openEuler/e2fsprogs https://gitee.com/open_euler/dashboard?issue_id=I89C8M 7 I4V9K0 gcc 10.3.0 __libc_vfork符号丢失（i686架构）任务 2022/2/25 14:24 无优先级 Compiler src-openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I4V9K0 8 I5RTUS X86架构下无法对mysql8进行autobolt模式反馈编译，报错缺陷 2022/9/19 15:47 无优先级 Compiler src-openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I5RTUS 9 I5XP8E Bug in openEuler/gcc (10.3.0) ，22.03-LTS-performance 分支缺陷 2022/10/26 9:13 无优先级 Compiler src-openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I5XP8E 10 I65UF9 aarch64架构boost icl模板库优化错误缺陷 2022/12/12 17:17 无优先级 Compiler src-openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I65UF9 11 I6UDV8 Bug in openEuler/gcc (10.3.0) support for ARM SVE openmp 任务 2023/4/10 16:14 无优先级 Compiler src-openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I6UDV8 12 I70VML 指针压缩选项的错误提示内容有误。缺陷 2023/5/6 16:45 无优先级 Compiler src-openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I70VML 13 I7B6X5 gcc-pie-arm64架构和操作手册结果不同缺陷 2023/6/6 10:11 无优先级 Compiler src-openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7B6X5 14 I7BM6U 【openEuler-22.03-LTS-SP1 】548子项异常波动问题跟踪任务 2023/6/7 14:54 无优先级 Compiler src-openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7BM6U 15 I7CKVY peneuler 20.03 LTS arrch64 上安装 libreoffice 7.4.7.2 报错缺陷 2023/6/11 22:45 无优先级 Compiler src-openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7CKVY 16 I7CWOS Bug in openEuler/gcc (10.3.1) support for ARM SVE under O0 compiler level 任务 2023/6/12 20:51 无优先级 Compiler src-openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7CWOS 17 I7EZAZ 无法在sw_64下编译nodejs 任务 2023/6/20 16:50 无优先级 Compiler src-openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7EZAZ 18 I7YRN6 openEuler-20.03-LTS-SP3版本与openEuler-22.03-LTS版本x86上gcc参数差异导致编译出的二进制性能下降任务 2023/9/5 17:06 无优先级 Compiler src-openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7YRN6 19 I84L9F openEuler 22.03 LTS-SP1版本上编译node-v18.18.0的代码失败缺陷 2023/9/26 19:24 无优先级 Compiler src-openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I84L9F 20 I8B80Y gcc中LTO的功能好像出现异常任务 2023/10/26 19:15 无优先级 Compiler src-openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I8B80Y 21 I7TS5R master分支上glibc x86上构建出现“copy relocation against non-copyable protected symbol `protvaritcpt'”链接错误任务 2023/8/16 19:35 无优先级 Computing src-openEuler/glibc https://gitee.com/open_euler/dashboard?issue_id=I7TS5R 22 I57O76 从gnutls主包拆分gnutls-dane 任务 2022/5/16 17:18 无优先级 sig-security-facility src-openEuler/gnutls https://gitee.com/open_euler/dashboard?issue_id=I57O76 23 I6ZAYW spec 文件内指定了仅 gcc 支持的 CCASFLAGS 导致 LLVM 下 configure 错误任务 2023/4/27 13:20 无优先级 sig-security-facility src-openEuler/gnutls https://gitee.com/open_euler/dashboard?issue_id=I6ZAYW 24 I7LSWG Upgrade to latest release [gtk2: 2.24.33 2020/12/20 -> 4.11.4 2023/07/03] 任务 2023/7/17 20:50 无优先级 Desktop src-openEuler/gtk2 https://gitee.com/open_euler/dashboard?issue_id=I7LSWG 25 I6VDW2 打开一个80万行的文本，滑动滚轮，背景颜色会变黑任务 2023/4/13 15:15 无优先级 Desktop src-openEuler/gtk3 https://gitee.com/open_euler/dashboard?issue_id=I6VDW2 26 I80GMD ipv6 DNAT组网不通任务 2023/9/11 18:10 无优先级 Networking src-openEuler/iputils https://gitee.com/open_euler/dashboard?issue_id=I80GMD 27 I4UTGM 22.03分支kernel子包perf与libtraceevent有安装冲突任务 2022/2/22 20:23 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I4UTGM 28 I4YT2R iscsi登录操作并发sysfs读操作概率导致空指针访问任务 2022/3/21 15:36 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I4YT2R 29 I58CJR 删除iptable_filter.ko时出现空指针问题任务 2022/5/19 20:36 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I58CJR 30 I59BY7 [openEuler-20.03-LTS-SP3] kernel build failed 20220525 任务 2022/5/26 11:08 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I59BY7 31 I5C33B OLK-5.10 page owner功能增强任务 2022/6/13 20:30 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I5C33B 32 I5D9J8 Upgrade to latest release [kernel: 5.10.0 -> 5.17] 任务 2022/6/21 10:01 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I5D9J8 33 I5G321 【openEuler-1.0-LTS】nbd 加载/卸载模组和 alloc config并发导致 panic 任务 2022/7/8 9:05 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I5G321 34 I5H311 修复CVE-2022-2380 任务 2022/7/14 15:27 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I5H311 35 I5I2M8 x86: Improve testing false positive for tst-cpu-features-cpuinfo with bad hardware. 任务 2022/7/21 9:47 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I5I2M8 36 I5JKG6 【安装冲突arm/x86_64】openEuler:22.09分支libtraceevent与kernel子包perf安装冲突任务 2022/7/29 14:57 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I5JKG6 37 I5LO4A 【22.03 LTS ARM】鲲鹏 920 x8 安装 OS 时，卡死在内核启动界面。任务 2022/8/10 17:19 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I5LO4A 38 I5NXF8 当前kernel提供的spec中，定义了kernel-headers，但是未定义版本号，部分依赖于kernel-headers高版本的软件包错误的被安装在了低版本内核上任务 2022/8/24 17:00 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I5NXF8 39 I5OOLB 反复触发i40e网卡sriov增删vf后，iavf_remove触发BUG_ON at drivers/pci/msi.c:397 任务 2022/8/29 20:23 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I5OOLB 40 I5OYJZ kernel源码包构建失败任务 2022/8/31 11:21 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I5OYJZ 41 I5PBRB 注入内存申请故障，i40iw_initialize_dev失败时出现oops复位任务 2022/9/2 9:56 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I5PBRB 42 I5RH8C 内存可靠性分级需求任务 2022/9/16 16:16 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I5RH8C 43 I5V92B openEuler是否有开启CONFIG_AUXILIARY_BUS配置的计划任务 2022/10/12 11:37 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I5V92B 44 I5VCIJ openEuler如何适配新硬件，请提供适配流程指导任务 2022/10/12 17:14 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I5VCIJ 45 I5WCP1 回合bpftool prog attach/detach命令任务 2022/10/18 16:10 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I5WCP1 46 I63MC3 openEuler20.03-LTS-SP1 raid4 出现D状态缺陷 2022/11/29 10:04 主要 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I63MC3 47 I65BIS swapoff 与 do_swap_page race问题任务 2022/12/8 16:32 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I65BIS 48 I6FZWY 主线回合scsi: iscsi_tcp: Fix UAF during logout and login 任务 2023/2/18 11:10 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I6FZWY 49 I6HXB9 kernel.spec中是否会新增打包intel-sst工具任务 2023/2/27 10:06 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I6HXB9 50 I6LBR9 【oe 23.03】/proc/sys/kernel/core_pattern中写脚本时收集不到core文件任务 2023/3/9 14:20 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I6LBR9 51 I6N49D 【openeuler-22.03-LTS-SP】任务 2023/3/14 20:12 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I6N49D 52 I6N49G 【openeuler-22.03-LTS-SP1】openeuler-22.03-LTS-SP1 x86默认不再编译bcache，导致bcache业务无法正常使用任务 2023/3/14 20:13 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I6N49G 53 I6OEXX 5.10按照per-node配置大页数量hugepages=0:5,4:6,2:-2,7:3现象和6.1不一致缺陷 2023/3/20 10:37 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I6OEXX 54 I6OLND 关闭kdump情况下触发panic可能会卡死任务 2023/3/20 16:58 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I6OLND 55 I6ORVZ 【22.03-LTS-SP1】modprobe强制加载内核模块失败Key was rejected by service 任务 2023/3/21 10:52 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I6ORVZ 56 I6P3II [openEuler-22.03-LTS-SP1] arm 内核不支持files cgroup 任务 2023/3/22 10:20 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I6P3II 57 I6PV1X 【openEuler-20.03-LTS-SP3】客户现网两台openEuler宿主机的两台centos虚拟机之间通信，10分之一的概率出现udp丢包导致业务异常任务 2023/3/24 12:25 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I6PV1X 58 I6VWNS 主线补丁：udp: skip L4 aggregation for UDP tunnel packets分析任务 2023/4/15 10:37 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I6VWNS 59 I70U2A 【openEuler-23.03】wifi功能使用问题任务 2023/5/6 15:21 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I70U2A 60 I73TNL 开启FIPS模式重启系统内核自检ofb(aes)算法失败导致panic 任务 2023/5/17 14:33 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I73TNL 61 I73Z10 openeuler 23.03 kernel-6.1.19.src.rpm 编译打包报错任务 2023/5/17 18:52 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I73Z10 62 I7BRC1 perf 与 libtraceevent 软件包存在安装冲突缺陷 2023/6/7 20:42 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I7BRC1 63 I7F55T lmbench 时延测试在kunpeng 5250场景下 SP2相比SP1回退缺陷 2023/6/21 10:47 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I7F55T 64 I7JFSR openEuler-22.03-LTS-SP1 Bcache I/O跌零严重持续时间长且很频繁，基本无法使用缺陷 2023/7/7 15:22 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I7JFSR 65 I7O8KA 【openEuler-22.03-LTS-SP2】修改虚拟机内核启动参数，Guest-Idle-Haltpoll特性无法生效缺陷 2023/7/26 17:27 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I7O8KA 66 I855U7 编译内核make menuconfig报make: *** [Makefile:603: menuconfig] Error 2 错误任务 2023/9/29 8:42 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I855U7 67 I85V5C kernel-rt.spec、raspberrypi-kernel.spec、raspberrypi-kernel-rt.spec编译失败缺陷 2023/10/7 16:15 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I85V5C 68 I88MZV [EulerMaker] kernel: kernel-rt/raspberrypi-kernel-rt/raspberrypi-kernel build problem in openEuler-22.03-LTS-Next:everything 缺陷 2023/10/17 10:32 不重要 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I88MZV 69 I8ATME [20.03-lts-sp4]Add the feature of pcie PTT and Add support 4TB bar 任务 2023/10/25 16:08 无优先级 Kernel src-openEuler/kernel https://gitee.com/open_euler/dashboard?issue_id=I8ATME 70 I7B6KR kerberos安装缺少krb5-auth-dialog 和 krb5-workstation 任务 2023/6/6 9:51 无优先级 Base-service src-openEuler/krb5 https://gitee.com/open_euler/dashboard?issue_id=I7B6KR 71 I8AFBW pam_cgroup.so不生效缺陷 2023/10/24 13:28 无优先级 sig-CloudNative src-openEuler/libcgroup https://gitee.com/open_euler/dashboard?issue_id=I8AFBW 72 I82QEW 回合社区bugfix补丁任务 2023/9/19 20:34 无优先级 Base-service src-openEuler/libevent https://gitee.com/open_euler/dashboard?issue_id=I82QEW 73 I7L94Q Upgrade to latest release [libvirt: 6.2.0 2020/04/02 -> 9.5.0 2023/07/03] 任务 2023/7/14 17:07 无优先级 Virt src-openEuler/libvirt https://gitee.com/open_euler/dashboard?issue_id=I7L94Q 74 I7LTBB Upgrade to latest release [libXi: 1.8 2021/09/15 -> 1.8.1 2023/05/04] 任务 2023/7/17 21:54 无优先级 Desktop src-openEuler/libXi https://gitee.com/open_euler/dashboard?issue_id=I7LTBB 75 I89B05 R8全量升级R12重启后，dracut重做initrd后重启，概率性出现重启时/boot/efi挂载失败，环境重启失败缺陷 2023/10/19 14:34 无优先级 Storage src-openEuler/lvm2 https://gitee.com/open_euler/dashboard?issue_id=I89B05 76 I8A6GB Upgrade to latest release [lvm2: 2.03.21 2023/04/21 -> 2.03.22 2023/08/02] 任务 2023/10/23 15:49 无优先级 Storage src-openEuler/lvm2 https://gitee.com/open_euler/dashboard?issue_id=I8A6GB 77 I6MJB4 openssl 3.0 支持TLCP特性任务 2023/3/13 11:35 无优先级 sig-security-facility src-openEuler/openssl https://gitee.com/open_euler/dashboard?issue_id=I6MJB4 78 I6YYXA OpenEuler23.03不支持platform-python，如何解决任务 2023/4/26 10:55 无优先级 Base-service src-openEuler/python3 https://gitee.com/open_euler/dashboard?issue_id=I6YYXA 79 I71KX8 python3.spec文件中，无效的ifarch语句任务 2023/5/9 15:00 无优先级 Base-service src-openEuler/python3 https://gitee.com/open_euler/dashboard?issue_id=I71KX8 80 I7KA4H Upgrade to latest release [python3: 3.10.9 2022/12/06 -> 3.11.4 2023/06/06] 任务 2023/7/11 15:13 无优先级 Base-service src-openEuler/python3 https://gitee.com/open_euler/dashboard?issue_id=I7KA4H 81 I7KBUF pyconfig-64.h中定义了__CHAR_UNSIGNED__ 改变了编译行为，导致程序运行出错任务 2023/7/11 16:27 无优先级 Base-service src-openEuler/python3 https://gitee.com/open_euler/dashboard?issue_id=I7KBUF 82 I80GO2 python执行正则表达式的时候，由于匹配范围较大，导致占用内存超10M 任务 2023/9/11 18:16 无优先级 Base-service src-openEuler/python3 https://gitee.com/open_euler/dashboard?issue_id=I80GO2 83 I6PA84 神威架构，虚拟化启动失败任务 2023/3/22 17:20 无优先级 Virt src-openEuler/qemu https://gitee.com/open_euler/dashboard?issue_id=I6PA84 84 I6ZOUM qemu-6.2.0 内存预分配性能比 qemu-4.1.0有严重下降任务 2023/4/28 17:37 无优先级 Virt src-openEuler/qemu https://gitee.com/open_euler/dashboard?issue_id=I6ZOUM 85 I7A5FW Fixed CPU topology issues and add lbt support for kvm. 任务 2023/6/1 17:18 无优先级 Virt src-openEuler/qemu https://gitee.com/open_euler/dashboard?issue_id=I7A5FW 86 I7AAWF 2203-SP2下安装虚拟机，CPU为FT-2000+，使用host-model启动虚拟机失败任务 2023/6/2 10:46 无优先级 Virt src-openEuler/qemu https://gitee.com/open_euler/dashboard?issue_id=I7AAWF 87 I7L968 Upgrade to latest release [qemu: 6.2.0 2021/12/14 -> 8.0.3 2023/07/09] 任务 2023/7/14 17:09 无优先级 Virt src-openEuler/qemu https://gitee.com/open_euler/dashboard?issue_id=I7L968 88 I8790J need EPYC-Genoa model support 任务 2023/10/11 16:53 无优先级 Virt src-openEuler/qemu https://gitee.com/open_euler/dashboard?issue_id=I8790J 89 I7EHM1 回合社区补丁到22.03 任务 2023/6/19 11:29 无优先级 Base-service src-openEuler/shadow https://gitee.com/open_euler/dashboard?issue_id=I7EHM1 90 I67IFE 建议sssd拆分出对应功能的子包任务 2022/12/26 16:49 无优先级 Base-service src-openEuler/sssd https://gitee.com/open_euler/dashboard?issue_id=I67IFE 91 I891RW sss_nss_mc_destroy_ctx()函数可能会关闭daemon进程打开的文件缺陷 2023/10/18 15:23 无优先级 Base-service src-openEuler/sssd https://gitee.com/open_euler/dashboard?issue_id=I891RW 92 I7VW3D tmp.mount状态是active，/tmp目录被挂载为tmpfs文件系统任务 2023/8/25 13:19 无优先级 Base-service src-openEuler/systemd https://gitee.com/open_euler/dashboard?issue_id=I7VW3D 93 I84DBH 使用x2openEuler把centos7.0升级到openEuler22.03LTS出现boot分区挂载不上的情况任务 2023/9/26 10:30 无优先级 Base-service src-openEuler/systemd https://gitee.com/open_euler/dashboard?issue_id=I84DBH 94 I89N38 ExecStartPre在x86_64环境下异常,启动服务失败缺陷 2023/10/20 15:23 无优先级 Base-service src-openEuler/systemd https://gitee.com/open_euler/dashboard?issue_id=I89N38 95 I8A9RQ /dev/vhost*设备权限不当，普通用户可以操作缺陷 2023/10/23 19:25 无优先级 Base-service src-openEuler/systemd https://gitee.com/open_euler/dashboard?issue_id=I8A9RQ openEuler 社区指导文档及开放平台链接： openEuler 版本分支维护规范： https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%… openEuler release-management 版本分支PR指导： https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%… 社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/master/%E7%A4%BE%E5%8C%BA%E7%89%88%E6%9… 社区QA 测试平台 radiates https://radiatest.openeuler.org<https://radiatest.openeuler.org/>

1 0

[Release] openEuler update_20231018版本发布公告
by update版本发布邮箱 21 Oct '23

21 Oct '23

主题: openEuler update_20231018版本发布公告 Dear all，经社区Release SIG、QA SIG及 CICD SIG 评估，openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3、openEuler-22.03-LTS、openEuler-22.03-LTS-SP1及openEuler-22.03-LTS-SP2 update版本满足版本出口质量，现进行发布公示。本公示分为七部分： 1、openEuler-20.03-LTS-SP1 Update 20231018发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20231018发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20231018发布情况及待修复缺陷 4、openEuler-22.03-LTS-SP1 Update 20231018发布情况及待修复缺陷 5、openEuler-22.03-LTS-SP2 Update 20231018发布情况及待修复缺陷 6、openEuler 关键组件待修复CVE 清单 7、openEuler 社区指导文档及开放平台链接本次update版本发布后，下一个版本里程碑点（预计在2023/10/27）提供 update_20231025 版本。 openEuler-20.03-LTS-SP1 Update 20231018 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP1修复版本已知问题11个，已知漏洞15个。目前版本分支剩余待修复缺陷10个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I88AEC?from=project-i… CVE修复： CVE 仓库 score #I85JSV:CVE-2023-5441<https://gitee.com/open_euler/dashboard?issue_id=I85JSV> vim 8.2 #I87OMW:CVE-2023-5535<https://gitee.com/open_euler/dashboard?issue_id=I87OMW> vim 7.8 #I849BM:CVE-2023-5157<https://gitee.com/open_euler/dashboard?issue_id=I849BM> mariadb 7.5 #I87062:CVE-2023-42669<https://gitee.com/open_euler/dashboard?issue_id=I87062> samba 6.5 #I87CXU:CVE-2023-4091<https://gitee.com/open_euler/dashboard?issue_id=I87CXU> samba 6.5 #I85U1I:CVE-2023-45322<https://gitee.com/open_euler/dashboard?issue_id=I85U1I> libxml2 6.5 #I7M5BR:CVE-2023-38470<https://gitee.com/open_euler/dashboard?issue_id=I7M5BR> avahi 6.2 #I85CAQ:CVE-2023-39193<https://gitee.com/open_euler/dashboard?issue_id=I85CAQ> kernel 6 #I86MTP:CVE-2023-39189<https://gitee.com/open_euler/dashboard?issue_id=I86MTP> kernel 6 #I84B2W:CVE-2023-42755<https://gitee.com/open_euler/dashboard?issue_id=I84B2W> kernel 5.5 #I7K39B:CVE-2018-2799<https://gitee.com/open_euler/dashboard?issue_id=I7K39B> xerces-j2 5.3 #I885C5:CVE-2023-45853<https://gitee.com/open_euler/dashboard?issue_id=I885C5> zlib 1 #I86P7R:CVE-2023-38545<https://gitee.com/open_euler/dashboard?issue_id=I86P7R> curl 1 #I86P7X:CVE-2023-38546<https://gitee.com/open_euler/dashboard?issue_id=I86P7X> curl 1 #I84TVR:CVE-2023-43040<https://gitee.com/open_euler/dashboard?issue_id=I84TVR> ceph 1 Bugfix： issue 仓库 #I50XDF:编译失败<https://gitee.com/open_euler/dashboard?issue_id=I50XDF> libdb #I6EACA:【22.03 SP1 update20230208】【arm/x86】newt编译失败<https://gitee.com/open_euler/dashboard?issue_id=I6EACA> newt #I6J2KR:CVE-2CVE-2021-36976上游社区补丁更新<https://gitee.com/open_euler/dashboard?issue_id=I6J2KR> libarchive #I841PH:glib2存在死锁场景，可能导致执行realm join --verbose HDOMAIN.LOCAL -U aduser(a)HDOMAIN.LOCAL --membership-software=samba 加入域会偶现卡住的情况<https://gitee.com/open_euler/dashboard?issue_id=I841PH> glib2 #I5UV2R: 回合上游社区补丁<https://gitee.com/open_euler/dashboard?issue_id=I5UV2R> libsolv #I7AW5E:logrotate配置prerotate执行失败时，已备份日志会被重命名<https://gitee.com/open_euler/dashboard?issue_id=I7AW5E> logrotate #I7OXK8: 【openEuler-1.0-LTS】TS200-2280K ,系统侧有inode的报错<https://gitee.com/open_euler/dashboard?issue_id=I7OXK8> kernel #I85XB3:[openEuler-1.0-LTS] 修复init_per_cpu()的空指针解引用<https://gitee.com/open_euler/dashboard?issue_id=I85XB3> kernel #I86GWG:针对某些盘NCQ场景通过D2H帧返回UNC场景优化<https://gitee.com/open_euler/dashboard?issue_id=I86GWG> kernel #I88UBD:【openEuler-1.0-LTS】The compilation fails due to the disabling of CONFIG_MICROCODE_AMD.<https://gitee.com/open_euler/dashboard?issue_id=I88UBD> kernel #I88WX3:syzkaller触发WARNING in armv8pmu_read_counter<https://gitee.com/open_euler/dashboard?issue_id=I88WX3> kernel openEuler-20.03-LTS-SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol openEuler-20.03-LTS-SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/docker_img/update/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高)：里程碑任务ID 任务标题优先级 sig组关联仓库任务路径 openEuler 20.03LTS SP1 update2103 I3E5C1 【20.03-SP1】【arm/x86】服务启动失败主要 regression-failed src-openEuler/hadoop https://gitee.com/open_euler/dashboard?issue_id=I3E5C1 openEuler 20.03LTS SP1 update210901 I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败主要 sig-oVirt src-openEuler/ovirt-cockpit-sso https://gitee.com/open_euler/dashboard?issue_id=I48GIM openEuler 20.03-LTS-SP1 I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后，getdap4命令的-i和-k参数使用异常主要 sig/sig-recycle src-openEuler/libdap https://gitee.com/open_euler/dashboard?issue_id=I4J0OY openEuler 20.03-LTS-SP1 I4JMG4 【20.03 SP1】【arm/x86】robotframework包的三个命令：libdoc、rebot、robot执行--help/-h/-?/--version，查看帮助信息和版本信息，返回值为251 主要 sig/sig-ROS src-openEuler/python-robotframework https://gitee.com/open_euler/dashboard?issue_id=I4JMG4 openEuler 20.03-LTS-SP1 I5DLX7 [20.03 22.03] 管理员指南操作文档mysql服务搭建指导文档有误主要 sig/doc openEuler/docs https://gitee.com/open_euler/dashboard?issue_id=I5DLX7 openEuler 20.03-LTS-SP1 I6VFAE [20.03 SP1] [x86/arm] mariadb授权给远程用户，远程连接服务失败次要 sig/DB src-openEuler/mariadb https://gitee.com/open_euler/dashboard?issue_id=I6VFAE openEuler-20.03-LTS-SP1 I3QGU7 系统不支持GB18030 无优先级 sig/TC openEuler/community https://gitee.com/open_euler/dashboard?issue_id=I3QGU7 openEuler 20.03LTS SP1 update210926 I4CMSV 【20.03-LTS-SP1】【arm/x86】搭建Kubernetes 集群缺少包etcd 无优先级 sig/TC openEuler/community https://gitee.com/open_euler/dashboard?issue_id=I4CMSV openEuler 20.03LTS SP1 update220111 I4QV6N 【openEuler-20.03-LTS-SP1】flink命令执行失败无优先级 sig/sig-ai-bigdata src-openEuler/flink https://gitee.com/open_euler/dashboard?issue_id=I4QV6N openEuler-20.03-LTS-SP1-dailybuild I5Y99T mate-desktop install problem in openEuler:20:03:LTS:SP1 无优先级 sig/sig-mate-desktop src-openEuler/mate-desktop https://gitee.com/open_euler/dashboard?issue_id=I5Y99T openEuler-20.03-LTS-SP3 Update 20231018 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP3修复版本已知问11个，已知漏洞15个。目前版本分支剩余待修复缺陷 6个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I88AEE?from=project-i… CVE修复： CVE 仓库 score #I85JSV:CVE-2023-5441<https://gitee.com/open_euler/dashboard?issue_id=I85JSV> vim 8.2 #I87OMW:CVE-2023-5535<https://gitee.com/open_euler/dashboard?issue_id=I87OMW> vim 7.8 #I849BM:CVE-2023-5157<https://gitee.com/open_euler/dashboard?issue_id=I849BM> mariadb 7.5 #I87062:CVE-2023-42669<https://gitee.com/open_euler/dashboard?issue_id=I87062> samba 6.5 #I87CXU:CVE-2023-4091<https://gitee.com/open_euler/dashboard?issue_id=I87CXU> samba 6.5 #I85U1I:CVE-2023-45322<https://gitee.com/open_euler/dashboard?issue_id=I85U1I> libxml2 6.5 #I7M5BR:CVE-2023-38470<https://gitee.com/open_euler/dashboard?issue_id=I7M5BR> avahi 6.2 #I85CAQ:CVE-2023-39193<https://gitee.com/open_euler/dashboard?issue_id=I85CAQ> kernel 6 #I86MTP:CVE-2023-39189<https://gitee.com/open_euler/dashboard?issue_id=I86MTP> kernel 6 #I84B2W:CVE-2023-42755<https://gitee.com/open_euler/dashboard?issue_id=I84B2W> kernel 5.5 #I7K39B:CVE-2018-2799<https://gitee.com/open_euler/dashboard?issue_id=I7K39B> xerces-j2 5.3 #I86P7R:CVE-2023-38545<https://gitee.com/open_euler/dashboard?issue_id=I86P7R> curl 1 #I86P7X:CVE-2023-38546<https://gitee.com/open_euler/dashboard?issue_id=I86P7X> curl 1 #I84TVR:CVE-2023-43040<https://gitee.com/open_euler/dashboard?issue_id=I84TVR> ceph 1 #I885C5:CVE-2023-45853<https://gitee.com/open_euler/dashboard?issue_id=I885C5> zlib 1 Bugfix： issue 仓库 #I6EACA:【22.03 SP1 update20230208】【arm/x86】newt编译失败<https://gitee.com/open_euler/dashboard?issue_id=I6EACA> newt #I6J2KR:CVE-2CVE-2021-36976上游社区补丁更新<https://gitee.com/open_euler/dashboard?issue_id=I6J2KR> libarchive #I841PH:glib2存在死锁场景，可能导致执行realm join --verbose HDOMAIN.LOCAL -U aduser(a)HDOMAIN.LOCAL --membership-software=samba 加入域会偶现卡住的情况<https://gitee.com/open_euler/dashboard?issue_id=I841PH> glib2 #I5UV2R: 回合上游社区补丁<https://gitee.com/open_euler/dashboard?issue_id=I5UV2R> libsolv #I7AW5E:logrotate配置prerotate执行失败时，已备份日志会被重命名<https://gitee.com/open_euler/dashboard?issue_id=I7AW5E> logrotate #I7OXK8: 【openEuler-1.0-LTS】TS200-2280K ,系统侧有inode的报错<https://gitee.com/open_euler/dashboard?issue_id=I7OXK8> kernel #I85XB3:[openEuler-1.0-LTS] 修复init_per_cpu()的空指针解引用<https://gitee.com/open_euler/dashboard?issue_id=I85XB3> kernel #I86GWG:针对某些盘NCQ场景通过D2H帧返回UNC场景优化<https://gitee.com/open_euler/dashboard?issue_id=I86GWG> kernel #I88UBD:【openEuler-1.0-LTS】The compilation fails due to the disabling of CONFIG_MICROCODE_AMD.<https://gitee.com/open_euler/dashboard?issue_id=I88UBD> kernel #I88WX3:syzkaller触发WARNING in armv8pmu_read_counter<https://gitee.com/open_euler/dashboard?issue_id=I88WX3> kernel openEuler-20.03-LTS-SP3版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol openEuler-20.03-LTS-SP3 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/docker_img/update/ openEuler CVE及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高)：里程碑任务ID 任务标题优先级 sig组关联仓库任务路径 openEuler 20.03-LTS-SP3 I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败主要 sig/oVirt src-openEuler/ovirt-cockpit-sso https://gitee.com/open_euler/dashboard?issue_id=I5KXUY openEuler-20.03-LTS-SP3 I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败，导致mom-vdsm.service服务无法启动成功主要 sig/oVirt src-openEuler/vdsm https://gitee.com/open_euler/dashboard?issue_id=I5KY4S openEuler-20.03-LTS-SP3 I6VFMI [20.03 SP3] [x86/arm] mariadb授权给远程用户，远程连接服务失败次要 sig/DB src-openEuler/mariadb https://gitee.com/open_euler/dashboard?issue_id=I6VFMI openEuler-20.03-LTS-SP3 I72HWV 【20.03-lts-sp3】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败次要 sig/Base-service src-openEuler/php https://gitee.com/open_euler/dashboard?issue_id=I72HWV openEuler-20.03-LTS-SP3 I7QP67 [20.03-LTS-SP3]openssh自编译失败，提示缺少bc命令次要 sig/Base-service src-openEuler/openEuler-release https://gitee.com/open_euler/dashboard?issue_id=I7QP67 openEuler 20.03LTS SP3 update220111 I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败无优先级 sig/sig-ai-bigdata src-openEuler/flink https://gitee.com/open_euler/dashboard?issue_id=I4QV7S openEuler-22.03-LTS Update 20231018 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题10个，已知漏洞15个。目前版本分支剩余待修复缺陷4个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I88AEF?from=project-i… CVE修复： CVE 仓库 score #I86NLQ:CVE-2023-43641<https://gitee.com/open_euler/dashboard?issue_id=I86NLQ> libcue 8.8 #I837XU:CVE-2023-4504<https://gitee.com/open_euler/dashboard?issue_id=I837XU> cups 8.8 #I85JSV:CVE-2023-5441<https://gitee.com/open_euler/dashboard?issue_id=I85JSV> vim 8.2 #I87OMW:CVE-2023-5535<https://gitee.com/open_euler/dashboard?issue_id=I87OMW> vim 7.8 #I849BM:CVE-2023-5157<https://gitee.com/open_euler/dashboard?issue_id=I849BM> mariadb 7.5 #I85U1I:CVE-2023-45322<https://gitee.com/open_euler/dashboard?issue_id=I85U1I> libxml2 6.5 #I87062:CVE-2023-42669<https://gitee.com/open_euler/dashboard?issue_id=I87062> samba 6.5 #I87CXU:CVE-2023-4091<https://gitee.com/open_euler/dashboard?issue_id=I87CXU> samba 6.5 #I7M5BR:CVE-2023-38470<https://gitee.com/open_euler/dashboard?issue_id=I7M5BR> avahi 6.2 #I84B2W:CVE-2023-42755<https://gitee.com/open_euler/dashboard?issue_id=I84B2W> kernel 5.5 #I7K39B:CVE-2018-2799<https://gitee.com/open_euler/dashboard?issue_id=I7K39B> xerces-j2 5.3 #I86P7R:CVE-2023-38545<https://gitee.com/open_euler/dashboard?issue_id=I86P7R> curl 1 #I86P7X:CVE-2023-38546<https://gitee.com/open_euler/dashboard?issue_id=I86P7X> curl 1 #I885C5:CVE-2023-45853<https://gitee.com/open_euler/dashboard?issue_id=I885C5> zlib 1 #I84TVR:CVE-2023-43040<https://gitee.com/open_euler/dashboard?issue_id=I84TVR> ceph 1 Bugfix： issue 仓库 #I7Y90Y:回合上游社区补丁,补丁数量：3<https://gitee.com/open_euler/dashboard?issue_id=I7Y90Y> python3 #I7X6YS:openldap社区补丁分析回合<https://gitee.com/open_euler/dashboard?issue_id=I7X6YS> openldap #I7E9D3:libtirpc解耦无效依赖man-db<https://gitee.com/open_euler/dashboard?issue_id=I7E9D3> libtirpc #I6EACA:【22.03 SP1 update20230208】【arm/x86】newt编译失败<https://gitee.com/open_euler/dashboard?issue_id=I6EACA> newt #I5WJOD:fix URL<https://gitee.com/open_euler/dashboard?issue_id=I5WJOD> libgpg-error #I6J2KR:CVE-2CVE-2021-36976上游社区补丁更新<https://gitee.com/open_euler/dashboard?issue_id=I6J2KR> libarchive #I5UOYG:secbinarycheck扫描安全配置结果，请分析备案<https://gitee.com/open_euler/dashboard?issue_id=I5UOYG> libpng #I841PH:glib2存在死锁场景，可能导致执行realm join --verbose HDOMAIN.LOCAL -U aduser(a)HDOMAIN.LOCAL --membership-software=samba 加入域会偶现卡住的情况<https://gitee.com/open_euler/dashboard?issue_id=I841PH> glib2 #I7STNB:libsolv补丁分析回合<https://gitee.com/open_euler/dashboard?issue_id=I7STNB> libsolv #I82QPR:【OLK-5.10/openEuler-1.0-LTS】softlockup in rcu_momentary_dyntick_idle<https://gitee.com/open_euler/dashboard?issue_id=I82QPR> kernel openEuler-22.03-LTS版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/docker_img/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/ob… openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-22.03-LTS Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高)：里程碑任务ID 任务标题优先级 sig组关联仓库任务路径 openEuler-22.03-LTS update20230726 I7ORCE 【22.03 LTS update20230726】【arm\x86】selinux-policy-base的版本不符合ceph子包的安装条件，ceph子包安装失败; cephadm卸载有异常打印主要 sig/sig-SDS src-openEuler/ceph https://gitee.com/open_euler/dashboard?issue_id=I7ORCE openEuler-22.03-LTS I596H5 openEuler官网中安全加固指南模块—>加固指导—>系统服务—>ssh加固项说明：加固建议中多添加了@符号次要 sig/doc openEuler/docs https://gitee.com/open_euler/dashboard?issue_id=I596H5 openEuler-22.03-LTS I6VFRX [22.03-LTS][x86/arm]mariadb授权给远程用户，远程连接服务失败次要 sig/DB src-openEuler/mariadb https://gitee.com/open_euler/dashboard?issue_id=I6VFRX openEuler-22.03-LTS I72N5G 【22.03-lts】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败次要 sig/Base-service src-openEuler/php https://gitee.com/open_euler/dashboard?issue_id=I72N5G openEuler-22.03-LTS-SP1 Update 20231018 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS-SP1修复版本已知问题9个，已知漏洞16个。目前版本分支剩余待修复缺陷10个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I88AEA?from=project-i… CVE修复： CVE 仓库 score #I86NLQ:CVE-2023-43641<https://gitee.com/open_euler/dashboard?issue_id=I86NLQ> libcue 8.8 #I85JSV:CVE-2023-5441<https://gitee.com/open_euler/dashboard?issue_id=I85JSV> vim 8.2 #I87OMW:CVE-2023-5535<https://gitee.com/open_euler/dashboard?issue_id=I87OMW> vim 7.8 #I849BM:CVE-2023-5157<https://gitee.com/open_euler/dashboard?issue_id=I849BM> mariadb 7.5 #I85U1I:CVE-2023-45322<https://gitee.com/open_euler/dashboard?issue_id=I85U1I> libxml2 6.5 #I87062:CVE-2023-42669<https://gitee.com/open_euler/dashboard?issue_id=I87062> samba 6.5 #I8706V:CVE-2023-42670<https://gitee.com/open_euler/dashboard?issue_id=I8706V> samba 6.5 #I87CXT:CVE-2023-3961<https://gitee.com/open_euler/dashboard?issue_id=I87CXT> samba 6.5 #I87CXU:CVE-2023-4091<https://gitee.com/open_euler/dashboard?issue_id=I87CXU> samba 6.5 #I7M5BR:CVE-2023-38470<https://gitee.com/open_euler/dashboard?issue_id=I7M5BR> avahi 6.2 #I84B2W:CVE-2023-42755<https://gitee.com/open_euler/dashboard?issue_id=I84B2W> kernel 5.5 #I7K39B:CVE-2018-2799<https://gitee.com/open_euler/dashboard?issue_id=I7K39B> xerces-j2 5.3 #I86P7R:CVE-2023-38545<https://gitee.com/open_euler/dashboard?issue_id=I86P7R> curl 1 #I86P7X:CVE-2023-38546<https://gitee.com/open_euler/dashboard?issue_id=I86P7X> curl 1 #I84TVR:CVE-2023-43040<https://gitee.com/open_euler/dashboard?issue_id=I84TVR> ceph 1 #I885C5:CVE-2023-45853<https://gitee.com/open_euler/dashboard?issue_id=I885C5> zlib 1 Bugfix： issue 仓库 #I7Y90Y:回合上游社区补丁,补丁数量：3<https://gitee.com/open_euler/dashboard?issue_id=I7Y90Y> python3 #I7I4PR:空链接问题排查：openEuler-20.03-LTS、openEuler-20.03-LTS-SP1、openEuler-22.03-LTS升级后，查询环境，存在空连接。<https://gitee.com/open_euler/dashboard?issue_id=I7I4PR> openldap #I7E9D3:libtirpc解耦无效依赖man-db<https://gitee.com/open_euler/dashboard?issue_id=I7E9D3> libtirpc #I6J2KR:CVE-2CVE-2021-36976上游社区补丁更新<https://gitee.com/open_euler/dashboard?issue_id=I6J2KR> libarchive #I7NZX0: 例行分析libdnf补丁，需要回合补丁<https://gitee.com/open_euler/dashboard?issue_id=I7NZX0> libdnf #I841PH:glib2存在死锁场景，可能导致执行realm join --verbose HDOMAIN.LOCAL -U aduser(a)HDOMAIN.LOCAL --membership-software=samba 加入域会偶现卡住的情况<https://gitee.com/open_euler/dashboard?issue_id=I841PH> glib2 #I7STNB:libsolv补丁分析回合<https://gitee.com/open_euler/dashboard?issue_id=I7STNB> libsolv #I7AZ85:使用LTS补丁替换自研修复方案cgroup: Do not corrupt task iteration when rebinding subsystem<https://gitee.com/open_euler/dashboard?issue_id=I7AZ85> kernel #I82QPR:【OLK-5.10/openEuler-1.0-LTS】softlockup in rcu_momentary_dyntick_idle<https://gitee.com/open_euler/dashboard?issue_id=I82QPR> kernel openEuler-22.03-LTS SP1版本编译构建信息查询链接： https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1 https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1:Ep… openEuler-22.03-LTS SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS-SP1/docker_img/update/ https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio… https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio… https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio… openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-22.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高)：里程碑任务ID 任务标题优先级 sig组关联仓库任务路径 openEuler 22.03-SP1 I6B4V1 【22.03 SP1 update 20230118】【arm】libhdfs在arm架构降级失败，x86正常主要 sig/bigdata src-openEuler/hadoop https://gitee.com/open_euler/dashboard?issue_id=I6B4V1 openEuler-22.03-LTS-SP1 I7LW30 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in wide_int_to_tree_1, at tree.c:1575) 主要 sig/Compiler openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7LW30 openEuler-22.03-LTS-SP1 I7LWCW 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:internal compiler error: Segmentation fault 主要 sig/Compiler openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7LWCW openEuler-22.03-LTS-SP1 I7LWK7 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4394) 主要 sig/Compiler openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7LWK7 openEuler-22.03-LTS-SP1 I7LWO1 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during RTL pass: expand(in convert_move, at expr.c:219) 主要 sig/Compiler openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7LWO1 openEuler-22.03-LTS-SP1 I7LX07 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4379) 主要 sig/Compiler openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7LX07 openEuler-22.03-LTS-SP1 update20230726 I7OR2I 【22.03 LTS SP1 update20230726】【arm\x86】selinux-policy-base的版本不符合ceph子包的安装条件，ceph子包安装失败主要 sig/sig-SDS src-openEuler/ceph https://gitee.com/open_euler/dashboard?issue_id=I7OR2I openEuler-22.03-LTS-SP1 I6VFV6 [22.03 SP1] [x86/arm] mariadb授权给远程用户，远程连接服务失败次要 sig/DB src-openEuler/mariadb https://gitee.com/open_euler/dashboard?issue_id=I6VFV6 openEuler-22.03-LTS-SP1 I73CKF 【22.03-lts-sp1】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败次要 sig/Base-service src-openEuler/php https://gitee.com/open_euler/dashboard?issue_id=I73CKF openEuler-20.03-LTS-SP1-dailybuild I5Y99T mate-desktop install problem in openEuler:20:03:LTS:SP1 无优先级 sig/sig-mate-desktop src-openEuler/mate-desktop https://gitee.com/open_euler/dashboard?issue_id=I5Y99T openEuler-22.03-LTS-SP2 Update 20231018 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS-SP2修复版本已知问题5个，已知漏洞16个。目前版本分支剩余待修复缺陷2个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS-SP2 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I88AE9?from=project-i… CVE修复： CVE 仓库 score #I86NLQ:CVE-2023-43641<https://gitee.com/open_euler/dashboard?issue_id=I86NLQ> libcue 8.8 #I85JSV:CVE-2023-5441<https://gitee.com/open_euler/dashboard?issue_id=I85JSV> vim 8.2 #I87OMW:CVE-2023-5535<https://gitee.com/open_euler/dashboard?issue_id=I87OMW> vim 7.8 #I849BM:CVE-2023-5157<https://gitee.com/open_euler/dashboard?issue_id=I849BM> mariadb 7.5 #I85U1I:CVE-2023-45322<https://gitee.com/open_euler/dashboard?issue_id=I85U1I> libxml2 6.5 #I87062:CVE-2023-42669<https://gitee.com/open_euler/dashboard?issue_id=I87062> samba 6.5 #I8706V:CVE-2023-42670<https://gitee.com/open_euler/dashboard?issue_id=I8706V> samba 6.5 #I87CXT:CVE-2023-3961<https://gitee.com/open_euler/dashboard?issue_id=I87CXT> samba 6.5 #I87CXU:CVE-2023-4091<https://gitee.com/open_euler/dashboard?issue_id=I87CXU> samba 6.5 #I7M5BR:CVE-2023-38470<https://gitee.com/open_euler/dashboard?issue_id=I7M5BR> avahi 6.2 #I84B2W:CVE-2023-42755<https://gitee.com/open_euler/dashboard?issue_id=I84B2W> kernel 5.5 #I7K39B:CVE-2018-2799<https://gitee.com/open_euler/dashboard?issue_id=I7K39B> xerces-j2 5.3 #I86P7R:CVE-2023-38545<https://gitee.com/open_euler/dashboard?issue_id=I86P7R> curl 1 #I86P7X:CVE-2023-38546<https://gitee.com/open_euler/dashboard?issue_id=I86P7X> curl 1 #I84TVR:CVE-2023-43040<https://gitee.com/open_euler/dashboard?issue_id=I84TVR> ceph 1 #I885C5:CVE-2023-45853<https://gitee.com/open_euler/dashboard?issue_id=I885C5> zlib 1 Bugfix： issue 仓库 #I7E9D3:libtirpc解耦无效依赖man-db<https://gitee.com/open_euler/dashboard?issue_id=I7E9D3> libtirpc #I841PH:glib2存在死锁场景，可能导致执行realm join --verbose HDOMAIN.LOCAL -U aduser(a)HDOMAIN.LOCAL --membership-software=samba 加入域会偶现卡住的情况<https://gitee.com/open_euler/dashboard?issue_id=I841PH> glib2 #I7STNB:libsolv补丁分析回合<https://gitee.com/open_euler/dashboard?issue_id=I7STNB> libsolv #I7D878:[OLK-5.10] ext4: delete redundant uptodate check for buffer<https://gitee.com/open_euler/dashboard?issue_id=I7D878> kernel #I82QPR:【OLK-5.10/openEuler-1.0-LTS】softlockup in rcu_momentary_dyntick_idle<https://gitee.com/open_euler/dashboard?issue_id=I82QPR> kernel openEuler-22.03-LTS SP2版本编译构建信息查询链接： https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2 https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2:Ep… openEuler-22.03-LTS SP2 Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS-SP2/update/ https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS-SP2/hotpatch_update/ https://repo.openeuler.org/openEuler-22.03-LTS-SP2/docker_img/update/ https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio… https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio… openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ https://repo.openeuler.org/security/data/hotpatch_cvrf/ openEuler-22.03-LTS-SP2 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高)：里程碑任务ID 任务标题优先级 sig组关联仓库任务路径 openEuler-22.03-LTS-SP2-round-2 I795G3 【22.03-LTS-SP2 round2】本次转测源中出现多个版本的containers-common 主要 sig/sig-CloudNative src-openEuler/skopeo https://gitee.com/open_euler/dashboard?issue_id=I795G3 openEuler-22.03-LTS-SP2-SEC I7AFIR 【22.03-LTS-SP2 round2】【x86/arm】libkae-1.2.10-6.oe2203sp2安全编译选项Rpath/Runpath不满足主要 sig-AccLib src-openEuler/libkae https://gitee.com/open_euler/dashboard?issue_id=I7AFIR 社区待修复漏洞： openEuler社区根据漏洞严重等级采取差异化的修复策略，请各个SIG 关注涉及CVE组件的修复情况。严重等级（Severity Rating）漏洞修复时长致命（Critical） 7天高（High） 14天中（Medium） 30天低（Low） 30天可参考社区安全委员会漏洞：https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE… 近14天将超期CVE（10.21日数据）: 漏洞编号 Issue ID 剩余天数 CVSS评分软件包责任SIG CVE-2023-44981 I896D4 6.21 9.1 zookeeper sig-bigdata CVE-2023-40791 I88DAN 6.21 9.1 kernel Kernel CVE-2023-22102 I89F9G 13.21 8.3 mysql Others CVE-2023-45898 I88DBD 13.21 7.8 kernel Kernel CVE-2023-5557 I87QB3 13.21 7.7 tracker-miners Base-service CVE-2023-44487 I89672 12.2 7.5 nghttp2 Networking CVE-2023-5632 I89456 12.2 7.5 mosquitto Application CVE-2023-45862 I885FJ 13.21 7.5 kernel Kernel CVE-2023-38545 I86P7R 13.78 7.5 curl Networking CVE-2023-4574 I7WZ14 9.2 6.5 firefox Application CVE-2023-4573 I7WZ06 9.2 6.5 firefox Application CVE-2023-3592 I7Z2PQ 13.2 5.8 mosquitto Application CVE-2023-43114 I829D9 2.2 5.5 qt Runtime CVE-2023-43898 I85EOY 13.29 5.5 stb UKUI CVE-2022-3466 I5VEVL 0.62 5.3 cri-o sig-CloudNative CVE-2023-0809 I856A0 13.2 5.3 mosquitto Application CVE-2023-1625 I6Q3J1 6.2 5.0 openstack-heat sig-openstack CVE-2023-4581 I7WYZD 9.2 4.3 firefox Application CVE-2023-40660 I84XBX 6.96 0.0 opensc Base-service CVE-2023-42118 I85795 9.1 0.0 exim Application CVE-2023-42117 I8579C 9.11 0.0 exim Application CVE-2023-42116 I8579B 9.11 0.0 exim Application CVE-2023-42115 I8579A 9.11 0.0 exim Application CVE-2023-42119 I85799 9.11 0.0 exim Application CVE-2023-42114 I85797 9.11 0.0 exim Application openEuler 社区指导文档及开放平台链接： openEuler 版本分支维护规范： https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%… openEuler release-management 版本分支PR指导： https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%… 社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/master/%E7%A4%BE%E5%8C%BA%E7%89%88%E6%9… 社区QA 测试平台 radiates https://radiatest.openeuler.org<https://radiatest.openeuler.org/>

1 0

[Release] openEuler update_20231011版本发布公告
by update版本发布邮箱 14 Oct '23

14 Oct '23

主题: openEuler update_20231011版本发布公告 Dear all，经社区Release SIG、QA SIG及 CICD SIG 评估，openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3、openEuler-22.03-LTS、openEuler-22.03-LTS-SP1及openEuler-22.03-LTS-SP2 update版本满足版本出口质量，现进行发布公示。本公示分为七部分： 1、openEuler-20.03-LTS-SP1 Update 20231011发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20231011发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20231011发布情况及待修复缺陷 4、openEuler-22.03-LTS-SP1 Update 20231011发布情况及待修复缺陷 5、openEuler-22.03-LTS-SP2 Update 20231011发布情况及待修复缺陷 6、openEuler 关键组件待修复CVE 清单 7、openEuler 社区指导文档及开放平台链接本次update版本发布后，下一个版本里程碑点（预计在2023/10/20）提供 update_20231018 版本。 openEuler-20.03-LTS-SP1 Update 20231011 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP1修复版本已知问题7个，已知漏洞43个。目前版本分支剩余待修复缺陷11个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I86CDI?from=project-i… CVE修复： CVE 仓库 score CVE-2023-25775 kernel 9.8 CVE-2023-5217 libvpx 8.8 CVE-2023-40474 gstreamer1-plugins-bad-free 8.8 CVE-2023-40475 gstreamer1-plugins-bad-free 8.8 CVE-2023-5217 libvpx 8.8 CVE-2023-4863 firefox 8.8 CVE-2023-40476 gstreamer1-plugins-bad-free 8.3 CVE-2023-4692 grub2 7.8 CVE-2023-4785 grpc 7.5 CVE-2023-44488 libvpx 7.5 CVE-2022-40433 openjdk-11 7.5 CVE-2023-5344 vim 7.5 CVE-2023-21930 openjdk-11 7.4 CVE-2023-5366 openvswitch 7.1 CVE-2023-42753 kernel 7 CVE-2023-5341 ImageMagick 6.2 CVE-2023-43788 libXpm 6.1 CVE-2023-21954 openjdk-11 5.9 CVE-2023-21967 openjdk-11 5.9 CVE-2023-43804 python-urllib3 5.9 CVE-2023-43789 libXpm 5.5 CVE-2023-43786 libX11 5.5 CVE-2023-4693 grub2 5.5 CVE-2023-43665 python-django 5.3 CVE-2023-21835 openjdk-11 5.3 CVE-2023-21939 openjdk-11 5.3 CVE-2023-5371 wireshark 5.3 CVE-2023-43787 libX11 5.3 CVE-2023-22041 openjdk-11 5.1 CVE-2023-4039 gcc 4.8 CVE-2023-43785 libX11 4.4 CVE-2023-21843 openjdk-11 3.7 CVE-2023-21968 openjdk-11 3.7 CVE-2023-21938 openjdk-11 3.7 CVE-2023-21937 openjdk-11 3.7 CVE-2023-22036 openjdk-11 3.7 CVE-2023-22045 openjdk-11 3.7 CVE-2023-22049 openjdk-11 3.7 CVE-2020-15103 freerdp 3.5 CVE-2020-36766 kernel 3.3 CVE-2023-22006 openjdk-11 3.1 CVE-2023-42754 kernel 0 CVE-2023-42755 kernel 0 Bugfix： issue 仓库 #I869PY:【OLK510 & openEuler-1.0-LTS】修复__inet_del_ifa()中一处memleak的问题 kernel #I85XNK:[openEuler-1.0-LTS] linux-4.19.y inclusion(4.19.292..4.19.294) kernel #I7RPDX:Backport cgroup: fix missing cpus_read_{lock,unlock}() in cgroup_transfer_tasks() kernel #I85WL9:[openEuler-1.0-LTS] mm: memory-failure: use rcu lock instead of tasklist_lock when collect_procs() kernel #I84HSL: fib6_info_destroy_rcu中出现UAF问题 kernel #I84IKB:【openEuler-1.0-LTS】4.19 LTS补丁回合：cifs: Release folio lock on fscache read hit kernel #I81G0T:cpuidle: Fix kobject memory leaks in error paths kernel openEuler-20.03-LTS-SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol openEuler-20.03-LTS-SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/docker_img/update/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高)：里程碑任务ID 任务标题优先级 sig组关联仓库任务路径 openEuler 20.03LTS SP1 update2103 I3E5C1 【20.03-SP1】【arm/x86】服务启动失败主要 regression-failed src-openEuler/hadoop https://gitee.com/open_euler/dashboard?issue_id=I3E5C1 openEuler 20.03LTS SP1 update210901 I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败主要 sig-oVirt src-openEuler/ovirt-cockpit-sso https://gitee.com/open_euler/dashboard?issue_id=I48GIM openEuler 20.03-LTS-SP1 I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后，getdap4命令的-i和-k参数使用异常主要 sig/sig-recycle src-openEuler/libdap https://gitee.com/open_euler/dashboard?issue_id=I4J0OY openEuler 20.03-LTS-SP1 I4JMG4 【20.03 SP1】【arm/x86】robotframework包的三个命令：libdoc、rebot、robot执行--help/-h/-?/--version，查看帮助信息和版本信息，返回值为251 主要 sig/sig-ROS src-openEuler/python-robotframework https://gitee.com/open_euler/dashboard?issue_id=I4JMG4 openEuler 20.03-LTS-SP1 I5DLX7 [20.03 22.03] 管理员指南操作文档mysql服务搭建指导文档有误主要 sig/doc openEuler/docs https://gitee.com/open_euler/dashboard?issue_id=I5DLX7 openEuler 20.03-LTS-SP1 I6VFAE [20.03 SP1] [x86/arm] mariadb授权给远程用户，远程连接服务失败次要 sig/DB src-openEuler/mariadb https://gitee.com/open_euler/dashboard?issue_id=I6VFAE openEuler 20.03-LTS-SP1 I7ZOX9 【20.03 LTS SP1】【arm/x86】 qdbuscpp2xml-qt5的help信息名称不一致次要 sig/Programming-lang src-openEuler/qt5-qtbase https://gitee.com/open_euler/dashboard?issue_id=I7ZOX9 openEuler-20.03-LTS-SP1 I3QGU7 系统不支持GB18030 无优先级 sig/TC openEuler/community https://gitee.com/open_euler/dashboard?issue_id=I3QGU7 openEuler 20.03LTS SP1 update210926 I4CMSV 【20.03-LTS-SP1】【arm/x86】搭建Kubernetes 集群缺少包etcd 无优先级 sig/TC openEuler/community https://gitee.com/open_euler/dashboard?issue_id=I4CMSV openEuler 20.03LTS SP1 update220111 I4QV6N 【openEuler-20.03-LTS-SP1】flink命令执行失败无优先级 sig/sig-ai-bigdata src-openEuler/flink https://gitee.com/open_euler/dashboard?issue_id=I4QV6N openEuler-20.03-LTS-SP1-dailybuild I5Y99T mate-desktop install problem in openEuler:20:03:LTS:SP1 无优先级 sig/sig-mate-desktop src-openEuler/mate-desktop https://gitee.com/open_euler/dashboard?issue_id=I5Y99T openEuler-20.03-LTS-SP3 Update 20231011 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP3修复版本已知问7个，已知漏洞42个。目前版本分支剩余待修复缺陷 7个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I86CDJ?from=project-i… CVE修复： CVE 仓库 score CVE-2023-25775 kernel 9.8 CVE-2023-5217 libvpx 8.8 CVE-2023-4504 cups 8.8 CVE-2023-40475 gstreamer1-plugins-bad-free 8.8 CVE-2023-4863 firefox 8.8 CVE-2023-40474 gstreamer1-plugins-bad-free 8.8 CVE-2023-40476 gstreamer1-plugins-bad-free 8.3 CVE-2023-4692 grub2 7.8 CVE-2023-44488 libvpx 7.5 CVE-2022-40433 openjdk-11 7.5 CVE-2023-5344 vim 7.5 CVE-2023-21930 openjdk-11 7.4 CVE-2023-5366 openvswitch 7.1 CVE-2023-42753 kernel 7 CVE-2023-5341 ImageMagick 6.2 CVE-2023-43788 libXpm 6.1 CVE-2023-43804 python-urllib3 5.9 CVE-2023-21954 openjdk-11 5.9 CVE-2023-21967 openjdk-11 5.9 CVE-2023-43789 libXpm 5.5 CVE-2023-43786 libX11 5.5 CVE-2023-4693 grub2 5.5 CVE-2023-43665 python-django 5.3 CVE-2023-21835 openjdk-11 5.3 CVE-2023-21939 openjdk-11 5.3 CVE-2023-43787 libX11 5.3 CVE-2023-5371 wireshark 5.3 CVE-2018-2799 xerces-j2 5.3 CVE-2023-22041 openjdk-11 5.1 CVE-2023-4039 gcc 4.8 CVE-2023-43785 libX11 4.4 CVE-2023-21843 openjdk-11 3.7 CVE-2023-21968 openjdk-11 3.7 CVE-2023-21938 openjdk-11 3.7 CVE-2023-21937 openjdk-11 3.7 CVE-2023-22036 openjdk-11 3.7 CVE-2023-22045 openjdk-11 3.7 CVE-2023-22049 openjdk-11 3.7 CVE-2020-36766 kernel 3.3 CVE-2023-22006 openjdk-11 3.1 CVE-2023-42754 kernel 0 CVE-2023-42755 kernel 0 Bugfix： issue 仓库 #I7RPDX:Backport cgroup: fix missing cpus_read_{lock,unlock}() in cgroup_transfer_tasks() kernel #I81G0T:cpuidle: Fix kobject memory leaks in error paths kernel #I84HSL: fib6_info_destroy_rcu中出现UAF问题 kernel #I84IKB:【openEuler-1.0-LTS】4.19 LTS补丁回合：cifs: Release folio lock on fscache read hit kernel #I85WL9:[openEuler-1.0-LTS] mm: memory-failure: use rcu lock instead of tasklist_lock when collect_procs() kernel #I85XNK:[openEuler-1.0-LTS] linux-4.19.y inclusion(4.19.292..4.19.294) kernel #I869PY:【OLK510 & openEuler-1.0-LTS】修复__inet_del_ifa()中一处memleak的问题 kernel openEuler-20.03-LTS-SP3版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol openEuler-20.03-LTS-SP3 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/docker_img/update/ openEuler CVE及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高)：里程碑任务ID 任务标题优先级 sig组关联仓库任务路径 openEuler 20.03-LTS-SP3 I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败主要 sig/oVirt src-openEuler/ovirt-cockpit-sso https://gitee.com/open_euler/dashboard?issue_id=I5KXUY openEuler-20.03-LTS-SP3 I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败，导致mom-vdsm.service服务无法启动成功主要 sig/oVirt src-openEuler/vdsm https://gitee.com/open_euler/dashboard?issue_id=I5KY4S openEuler-20.03-LTS-SP3 I6VFMI [20.03 SP3] [x86/arm] mariadb授权给远程用户，远程连接服务失败次要 sig/DB src-openEuler/mariadb https://gitee.com/open_euler/dashboard?issue_id=I6VFMI openEuler-20.03-LTS-SP3 I72HWV 【20.03-lts-sp3】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败次要 sig/Base-service src-openEuler/php https://gitee.com/open_euler/dashboard?issue_id=I72HWV openEuler-20.03-LTS-SP3 I7QP67 [20.03-LTS-SP3]openssh自编译失败，提示缺少bc命令次要 sig/Base-service src-openEuler/openEuler-release https://gitee.com/open_euler/dashboard?issue_id=I7QP67 openEuler-20.03-LTS-SP3 I7ZOZZ 【20.03 LTS SP3】【arm/x86】 qdbuscpp2xml-qt5的help信息名称不一致次要 sig/Programming-lang src-openEuler/qt5-qtbase https://gitee.com/open_euler/dashboard?issue_id=I7ZOZZ openEuler 20.03LTS SP3 update220111 I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败无优先级 sig/sig-ai-bigdata src-openEuler/flink https://gitee.com/open_euler/dashboard?issue_id=I4QV7S openEuler-22.03-LTS Update 20231011 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题9个，已知漏洞46个。目前版本分支剩余待修复缺陷5个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I86CDK?from=project-i… CVE修复： CVE 仓库 score CVE-2023-5217 libvpx 8.8 CVE-2023-40474 gstreamer1-plugins-bad-free 8.8 CVE-2023-40475 gstreamer1-plugins-bad-free 8.8 CVE-2023-4584 firefox 8.8 CVE-2023-4863 firefox 8.8 CVE-2023-40476 gstreamer1-plugins-bad-free 8.3 CVE-2023-4911 glibc 7.8 CVE-2023-4692 grub2 7.8 CVE-2023-5197 kernel 7.8 CVE-2022-40433 openjdk-11 7.5 CVE-2023-44488 libvpx 7.5 CVE-2023-3354 qemu 7.5 CVE-2023-5344 vim 7.5 CVE-2023-21930 openjdk-11 7.4 CVE-2023-5366 openvswitch 7.1 CVE-2023-42753 kernel 7.0 CVE-2023-4575 firefox 6.5 CVE-2023-4573 firefox 6.5 CVE-2023-4574 firefox 6.5 CVE-2023-5341 ImageMagick 6.2 CVE-2023-43788 libXpm 6.1 CVE-2023-21954 openjdk-11 5.9 CVE-2023-21967 openjdk-11 5.9 CVE-2023-43804 python-urllib3 5.9 CVE-2023-43789 libXpm 5.5 CVE-2023-43786 libX11 5.5 CVE-2023-4693 grub2 5.5 CVE-2023-21835 openjdk-11 5.3 CVE-2023-21939 openjdk-11 5.3 CVE-2023-43665 python-django 5.3 CVE-2023-0809 mosquitto 5.3 CVE-2023-5371 wireshark 5.3 CVE-2023-43787 libX11 5.3 CVE-2018-2799 xerces-j2 5.3 CVE-2023-22041 openjdk-11 5.1 CVE-2023-4039 gcc 4.8 CVE-2023-43785 libX11 4.4 CVE-2023-4581 firefox 4.3 CVE-2023-21843 openjdk-11 3.7 CVE-2023-21968 openjdk-11 3.7 CVE-2023-21938 openjdk-11 3.7 CVE-2023-21937 openjdk-11 3.7 CVE-2023-22036 openjdk-11 3.7 CVE-2023-22045 openjdk-11 3.7 CVE-2023-22049 openjdk-11 3.7 CVE-2023-22006 openjdk-11 3.1 Bugfix： issue 仓库 #I7SUDV:libbpf社区补丁分析回合 libbpf #I7OXK8: 【openEuler-1.0-LTS】TS200-2280K ,系统侧有inode的报错 kernel #I7PZZC:[OLK-5.10] NVMe bugfix补丁回合 kernel #I7R4BC:[OLK-5.10] NVMe bugfix backport kernel #I7ZCDZ:[OLK-5.10] lpfc bugfix补丁回合 kernel #I80YEI:LoongArch: binutils 2.41编译问题 kernel #I80YFC:【OLK-5.10】添加浪潮BMC DRM驱动支持 kernel #I839LV:【OLK-5.10】etmem修正打开idle_page、swap_page时模块引用计数正确问题 kernel #I86JB6:nf_table LTS补丁整理回合 kernel openEuler-22.03-LTS版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/docker_img/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/ob… openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-22.03-LTS Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高)：里程碑任务ID 任务标题优先级 sig组关联仓库任务路径 openEuler-22.03-LTS update20230726 I7ORCE 【22.03 LTS update20230726】【arm\x86】selinux-policy-base的版本不符合ceph子包的安装条件，ceph子包安装失败; cephadm卸载有异常打印主要 sig/sig-SDS src-openEuler/ceph https://gitee.com/open_euler/dashboard?issue_id=I7ORCE openEuler-22.03-LTS I596H5 openEuler官网中安全加固指南模块—>加固指导—>系统服务—>ssh加固项说明：加固建议中多添加了@符号次要 sig/doc openEuler/docs https://gitee.com/open_euler/dashboard?issue_id=I596H5 openEuler-22.03-LTS I6VFRX [22.03-LTS][x86/arm]mariadb授权给远程用户，远程连接服务失败次要 sig/DB src-openEuler/mariadb https://gitee.com/open_euler/dashboard?issue_id=I6VFRX openEuler-22.03-LTS I72N5G 【22.03-lts】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败次要 sig/Base-service src-openEuler/php https://gitee.com/open_euler/dashboard?issue_id=I72N5G openEuler-22.03-LTS I7ZP1J 【22.03 LTS】【arm/x86】 qdbuscpp2xml-qt5的help信息名称不一致次要 sig/Programming-lang src-openEuler/qt5-qtbase https://gitee.com/open_euler/dashboard?issue_id=I7ZP1J openEuler-22.03-LTS-SP1 Update 20231011 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS-SP1修复版本已知问题6个，已知漏洞29个。目前版本分支剩余待修复缺陷11个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I86CDH?from=project-i… CVE修复： CVE 仓库 score CVE-2023-5217 libvpx 8.8 CVE-2023-40475 gstreamer1-plugins-bad-free 8.8 CVE-2023-4584 firefox 8.8 CVE-2023-4863 firefox 8.8 CVE-2023-40474 gstreamer1-plugins-bad-free 8.8 CVE-2023-40476 gstreamer1-plugins-bad-free 8.3 CVE-2023-4911 glibc 7.8 CVE-2023-4692 grub2 7.8 CVE-2023-5197 kernel 7.8 CVE-2023-44488 libvpx 7.5 CVE-2023-5344 vim 7.5 CVE-2023-5366 openvswitch 7.1 CVE-2023-42753 kernel 7.0 CVE-2023-4575 firefox 6.5 CVE-2023-4573 firefox 6.5 CVE-2023-4574 firefox 6.5 CVE-2023-5341 ImageMagick 6.2 CVE-2023-43788 libXpm 6.1 CVE-2023-43804 python-urllib3 5.9 CVE-2023-4693 grub2 5.5 CVE-2023-43786 libX11 5.5 CVE-2023-43789 libXpm 5.5 CVE-2023-0809 mosquitto 5.3 CVE-2023-5371 wireshark 5.3 CVE-2023-43665 python-django 5.3 CVE-2023-43787 libX11 5.3 CVE-2023-4039 gcc 4.8 CVE-2023-43785 libX11 4.4 CVE-2023-4581 firefox 4.3 Bugfix： issue 仓库 #I7SUDV:libbpf社区补丁分析回合 libbpf #I82DMH:Add tinytoml rpm tinytoml #I7WSCH:format_ucs2()中有潜在的越界访问内存问题 efivar #I7OXK8: 【openEuler-1.0-LTS】TS200-2280K ,系统侧有inode的报错 kernel #I839LV:【OLK-5.10】etmem修正打开idle_page、swap_page时模块引用计数正确问题 kernel #I86JB6:nf_table LTS补丁整理回合 kernel openEuler-22.03-LTS SP1版本编译构建信息查询链接： https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1 https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1:Ep… openEuler-22.03-LTS SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS-SP1/docker_img/update/ https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio… https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio… https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio… openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-22.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高)：里程碑任务ID 任务标题优先级 sig组关联仓库任务路径 openEuler 22.03-SP1 I6B4V1 【22.03 SP1 update 20230118】【arm】libhdfs在arm架构降级失败，x86正常主要 sig/bigdata src-openEuler/hadoop https://gitee.com/open_euler/dashboard?issue_id=I6B4V1 openEuler-22.03-LTS-SP1 I7LW30 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in wide_int_to_tree_1, at tree.c:1575) 主要 sig/Compiler openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7LW30 openEuler-22.03-LTS-SP1 I7LWCW 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:internal compiler error: Segmentation fault 主要 sig/Compiler openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7LWCW openEuler-22.03-LTS-SP1 I7LWK7 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4394) 主要 sig/Compiler openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7LWK7 openEuler-22.03-LTS-SP1 I7LWO1 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during RTL pass: expand(in convert_move, at expr.c:219) 主要 sig/Compiler openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7LWO1 openEuler-22.03-LTS-SP1 I7LX07 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4379) 主要 sig/Compiler openEuler/gcc https://gitee.com/open_euler/dashboard?issue_id=I7LX07 openEuler-22.03-LTS-SP1 update20230726 I7OR2I 【22.03 LTS SP1 update20230726】【arm\x86】selinux-policy-base的版本不符合ceph子包的安装条件，ceph子包安装失败主要 sig/sig-SDS src-openEuler/ceph https://gitee.com/open_euler/dashboard?issue_id=I7OR2I openEuler-22.03-LTS-SP1 I6VFV6 [22.03 SP1] [x86/arm] mariadb授权给远程用户，远程连接服务失败次要 sig/DB src-openEuler/mariadb https://gitee.com/open_euler/dashboard?issue_id=I6VFV6 openEuler-22.03-LTS-SP1 I73CKF 【22.03-lts-sp1】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败次要 sig/Base-service src-openEuler/php https://gitee.com/open_euler/dashboard?issue_id=I73CKF openEuler-22.03-LTS-SP1 I7ZP3M 【22.03 LTS SP1】【arm/x86】 qdbuscpp2xml-qt5的help信息名称不一致次要 sig/Programming-lang src-openEuler/qt5-qtbase https://gitee.com/open_euler/dashboard?issue_id=I7ZP3M openEuler-20.03-LTS-SP1-dailybuild I5Y99T mate-desktop install problem in openEuler:20:03:LTS:SP1 无优先级 sig/sig-mate-desktop src-openEuler/mate-desktop https://gitee.com/open_euler/dashboard?issue_id=I5Y99T openEuler-22.03-LTS-SP2 Update 20231011 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS-SP2修复版本已知问题9个，已知漏洞29个。目前版本分支剩余待修复缺陷3个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS-SP2 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I86CDG?from=project-i… CVE修复： CVE 仓库 score CVE-2023-5217 libvpx 8.8 CVE-2023-40474 gstreamer1-plugins-bad-free 8.8 CVE-2023-40475 gstreamer1-plugins-bad-free 8.8 CVE-2023-4584 firefox 8.8 CVE-2023-4863 firefox 8.8 CVE-2023-40476 gstreamer1-plugins-bad-free 8.3 CVE-2023-4911 glibc 7.8 CVE-2023-4692 grub2 7.8 CVE-2023-5197 kernel 7.8 CVE-2023-5344 vim 7.5 CVE-2023-44488 libvpx 7.5 CVE-2023-5366 openvswitch 7.1 CVE-2023-42753 kernel 7.0 CVE-2023-4575 firefox 6.5 CVE-2023-4573 firefox 6.5 CVE-2023-4574 firefox 6.5 CVE-2023-5341 ImageMagick 6.2 CVE-2023-43788 libXpm 6.1 CVE-2023-43804 python-urllib3 5.9 CVE-2023-43786 libX11 5.5 CVE-2023-4693 grub2 5.5 CVE-2023-43789 libXpm 5.5 CVE-2023-43787 libX11 5.3 CVE-2023-0809 mosquitto 5.3 CVE-2023-43665 python-django 5.3 CVE-2023-5371 wireshark 5.3 CVE-2023-4039 gcc 4.8 CVE-2023-43785 libX11 4.4 CVE-2023-4581 firefox 4.3 Bugfix： issue 仓库 #I7SUDV:libbpf社区补丁分析回合 libbpf #I7WSCH:format_ucs2()中有潜在的越界访问内存问题 efivar #I7OXK8: 【openEuler-1.0-LTS】TS200-2280K ,系统侧有inode的报错 kernel #I7PZZC:[OLK-5.10] NVMe bugfix补丁回合 kernel #I7R4BC:[OLK-5.10] NVMe bugfix backport kernel #I7T7G4:[OLK-5.10] 5.10.164 - 5.10.165 LTS补丁回合 kernel #I7ZCDZ:[OLK-5.10] lpfc bugfix补丁回合 kernel #I839LV:【OLK-5.10】etmem修正打开idle_page、swap_page时模块引用计数正确问题 kernel #I86JB6:nf_table LTS补丁整理回合 kernel openEuler-22.03-LTS SP2版本编译构建信息查询链接： https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2 https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2:Ep… openEuler-22.03-LTS SP2 Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS-SP2/update/ https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS-SP2/hotpatch_update/ https://repo.openeuler.org/openEuler-22.03-LTS-SP2/docker_img/update/ https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio… https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio… openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ https://repo.openeuler.org/security/data/hotpatch_cvrf/ openEuler-22.03-LTS-SP2 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高)：里程碑任务ID 任务标题优先级 sig组关联仓库任务路径 openEuler-22.03-LTS-SP2-round-2 I795G3 【22.03-LTS-SP2 round2】本次转测源中出现多个版本的containers-common 主要 sig/sig-CloudNative src-openEuler/skopeo https://gitee.com/open_euler/dashboard?issue_id=I795G3 openEuler-22.03-LTS-SP2-SEC I7AFIR 【22.03-LTS-SP2 round2】【x86/arm】libkae-1.2.10-6.oe2203sp2安全编译选项Rpath/Runpath不满足主要 sig-AccLib src-openEuler/libkae https://gitee.com/open_euler/dashboard?issue_id=I7AFIR openEuler-22.03-LTS-SP2 I7ZP4V 【22.03 LTS SP2】【arm/x86】 qdbuscpp2xml-qt5的help信息名称不一致次要 sig/Programming-lang src-openEuler/qt5-qtbase https://gitee.com/open_euler/dashboard?issue_id=I7ZP4V 社区待修复漏洞： openEuler社区根据漏洞严重等级采取差异化的修复策略，请各个SIG 关注涉及CVE组件的修复情况。严重等级（Severity Rating）漏洞修复时长致命（Critical） 7天高（High） 14天中（Medium） 30天低（Low） 30天可参考社区安全委员会漏洞：https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE… 近14天将超期CVE（10.14日数据）: 漏洞编号 Issue ID 剩余天数 CVSS评分软件包责任SIG CVE-2019-3885 I8575Q 0.2 7.5 pacemaker sig-Ha CVE-2023-4584 I7WZ0C 0.2 8.8 firefox Application CVE-2023-4575 I7WYY3 0.2 6.5 firefox Application CVE-2023-34414 I7BFX6 0.7 3.1 firefox Application CVE-2023-32212 I71RAD 0.7 4.3 firefox Application CVE-2023-32206 I71R4I 0.7 6.5 firefox Application CVE-2023-32205 I71R4D 0.7 4.3 firefox Application CVE-2023-32211 I71R41 0.7 6.5 firefox Application CVE-2023-29533 I6UVER 0.7 4.3 firefox Application CVE-2023-29545 I6UVEO 0.7 6.5 firefox Application CVE-2023-29535 I6UVDZ 0.7 6.5 firefox Application CVE-2023-29548 I6UVDO 0.7 6.5 firefox Application CVE-2023-32007 I6ZW0C 1.2 8.8 spark sig-bigdata CVE-2023-43091 I81S93 1.84 0.0 gnome-maps GNOME CVE-2023-4154 I87063 11.2 7.5 samba Networking CVE-2023-4586 I8701L 11.2 7.4 netty sig-Java CVE-2023-36478 I870FQ 12.2 7.5 jetty sig-Java CVE-2023-1625 I6Q3J1 13.2 5.0 openstack-heat sig-openstack CVE-2023-43040 I84TVR 13.73 0.0 ceph sig-ceph CVE-2023-39323 I85M9R 13.79 7.4 golang sig-golang CVE-2023-40660 I84XBX 13.96 0.0 opensc Base-service openEuler 社区指导文档及开放平台链接： openEuler 版本分支维护规范： https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%… openEuler release-management 版本分支PR指导： https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%… 社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/master/%E7%A4%BE%E5%8C%BA%E7%89%88%E6%9… 社区QA 测试平台 radiates https://radiatest.openeuler.org<https://radiatest.openeuler.org/>

1 0

2024

2023

2022

2021

2020