mailweb.openeuler.org
Manage this list
×
Keyboard Shortcuts
Thread View
j
: Next unread message
k
: Previous unread message
j a
: Jump to all threads
j l
: Jump to MailingList overview
2024
September
August
July
June
May
April
March
February
January
2023
December
November
October
September
August
July
June
May
April
March
February
January
2022
December
November
October
September
August
July
June
May
April
March
February
January
2021
December
November
October
September
August
July
June
May
April
March
February
January
2020
December
November
October
September
August
July
June
May
April
March
February
January
List overview
Download
Sa-announce
August 2023
----- 2024 -----
September 2024
August 2024
July 2024
June 2024
May 2024
April 2024
March 2024
February 2024
January 2024
----- 2023 -----
December 2023
November 2023
October 2023
September 2023
August 2023
July 2023
June 2023
May 2023
April 2023
March 2023
February 2023
January 2023
----- 2022 -----
December 2022
November 2022
October 2022
September 2022
August 2022
July 2022
June 2022
May 2022
April 2022
March 2022
February 2022
January 2022
----- 2021 -----
December 2021
November 2021
October 2021
September 2021
August 2021
July 2021
June 2021
May 2021
April 2021
March 2021
February 2021
January 2021
----- 2020 -----
December 2020
November 2020
October 2020
September 2020
August 2020
July 2020
June 2020
May 2020
April 2020
March 2020
February 2020
January 2020
sa-announce@openeuler.org
1 participants
4 discussions
Start a n
N
ew thread
openEuler update_20230823版本发布公告
by update版本发布邮箱
26 Aug '23
26 Aug '23
主题: openEuler update_20230823版本发布公告 Dear all, 经社区Release SIG、QA SIG及 CICD SIG 评估,openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3、openEuler-22.03-LTS、openEuler-22.03-LTS-SP1及openEuler-22.03-LTS-SP2 update版本满足版本出口质量,现进行发布公示。 本公示分为七部分: 1、openEuler-20.03-LTS-SP1 Update 20230823发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20230823发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20230823发布情况及待修复缺陷 4、openEuler-22.03-LTS-SP1 Update 20230823发布情况及待修复缺陷 5、openEuler-22.03-LTS-SP2 Update 20230823发布情况及待修复缺陷 6、openEuler 关键组件待修复CVE 清单 7、openEuler 社区指导文档及开放平台链接 本次update版本发布后,下一个版本里程碑点(预计在2023/09/02)提供 update_ 20230830 版本。 openEuler-20.03-LTS-SP1 Update 20230823 经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP1修复版本已知问题3个,已知漏洞17个。目前版本分支剩余待修复缺陷20个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7ULC2?from=project-i…
CVE修复: CVE 仓库 score CVE-2023-31975 yasm 3.3 CVE-2022-24439 python-GitPython 9.8 CVE-2023-40267 python-GitPython 6.7 CVE-2023-3618 libtiff 6.5 CVE-2023-38712 libreswan 6.5 CVE-2023-38710 libreswan 6.5 CVE-2023-38711 libreswan 6.5 CVE-2023-32573 qt 6.5 CVE-2022-33196 microcode_ctl 6.7 CVE-2022-38090 microcode_ctl 4.4 CVE-2022-40982 microcode_ctl 6.5 CVE-2023-4128 kernel 7.8 CVE-2023-40225 haproxy 7.2 CVE-2021-25786 qpdf 8.8 CVE-2023-29409 golang 5.3 CVE-2023-3180 qemu 6.5 CVE-2023-36054 krb5 6.5 CVE-2023-4387 kernel 7.1 Bugfix: issue 仓库 #I7O0PV:ftp客户端来连lvs节点,lvs节点panic kernel #I6MHKE:openmpi 部分文件位置不对 openmpi #I7VAES:Update 2023/08/21 发布高版本的poppler poppler openEuler-20.03-LTS-SP1版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol
openEuler-20.03-LTS-SP1 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/
openEuler CVE 及安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 sig组 关联仓库 openEuler 20.03-LTS-SP1 I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后,getdap4命令的-i和-k参数使用异常 主要 sig/sig-recycle libdap openEuler 20.03-LTS-SP1 I4JMG4 【20.03 SP1】【arm/x86】robotframework包的三个命令:libdoc、rebot、robot执行--help/-h/-?/--version,查看帮助信息和版本信息,返回值为251 主要 sig/sig-ROS python-robotframework openEuler 20.03-LTS-SP1 I5DLX7 [20.03 22.03] 管理员指南操作文档mysql服务搭建指导文档有误 主要 sig/doc docs openEuler 20.03LTS SP1 update2103 I3E5C1 【20.03-SP1】【arm/x86】服务启动失败 主要 sig/bigdata hadoop openEuler 20.03LTS SP1 update210901 I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败 主要 sig/oVirt ovirt-cockpit-sso openEuler 20.03-LTS-SP1 I6VFAE [20.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler 20.03-LTS-SP1 I4G4A5 Undefine-shift in _bfd_safe_read_leb128 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4B1 Integer overflow in print_vms_time 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4VY memleak in parse_gnu_debugaltlink 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4WF Heap-buffer-overflow in slurp_hppa_unwind_table 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4WW Use-after-free in make_qualified_name 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4X6 memleak in byte_get_little_endian 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4XF memleak in process_mips_specific 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4Y0 out-of-memory in vms_lib_read_index 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4YJ Heap-buffer-overflow in bfd_getl16 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4YV Floating point exception in _bfd_vms_slurp_etir 无优先级 sig/Base-service binutils openEuler 20.03LTS SP1 update210926 I4CMSV 【20.03-LTS-SP1】【arm/x86】搭建Kubernetes 集群缺少包etcd 无优先级 sig/TC community openEuler 20.03LTS SP1 update220111 I4QV6N 【openEuler-20.03-LTS-SP1】flink命令执行失败 无优先级 sig/sig-ai-bigdata flink openEuler-20.03-LTS-SP1 I3QGU7 系统不支持GB18030 无优先级 sig/TC community openEuler-20.03-LTS-SP1-dailybuild I5Y99T mate-desktop install problem in openEuler:20:03:LTS:SP1 无优先级 sig/sig-mate-desktop mate-desktop openEuler-20.03-LTS-SP3 Update 20230823 经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP3修复版本已知问2个,已知漏洞17个。目前版本分支剩余待修复缺陷 7个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7ULC6?from=project-i…
CVE修复: CVE 仓库 score CVE-2023-36054 krb5 6.5 CVE-2022-24439 python-GitPython 9.8 CVE-2023-40267 python-GitPython 6.7 CVE-2023-3618 libtiff 6.5 CVE-2023-38712 libreswan 6.5 CVE-2023-38710 libreswan 6.5 CVE-2023-38711 libreswan 6.5 CVE-2023-32573 qt 6.5 CVE-2022-33196 microcode_ctl 6.7 CVE-2022-38090 microcode_ctl 4.4 CVE-2022-40982 microcode_ctl 6.5 CVE-2023-4128 kernel 7.8 CVE-2021-25786 qpdf 8.8 CVE-2023-40225 haproxy 7.2 CVE-2023-29409 golang 5.3 CVE-2023-3180 qemu 6.5 CVE-2023-4387 kernel 7.1 Bugfix: issue 仓库 #I7O0PV:ftp客户端来连lvs节点,lvs节点panic kernel #I6MHKE:openmpi 部分文件位置不对 openmpi openEuler-20.03-LTS-SP3版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol
openEuler-20.03-LTS-SP3 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/
openEuler CVE及安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 sig组 关联仓库 openEuler 20.03 LTS SP3 update20220801 I5LYJK 【20.03-sp3_update20220801】【x86】对内核版进行升级后,TCP_option_address安装异常 主要 sig/Kernel TCP_option_address openEuler 20.03-LTS-SP3 I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败 主要 sig/oVirt ovirt-cockpit-sso openEuler-20.03-LTS-SP3 I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败,导致mom-vdsm.service服务无法启动成功 主要 sig/oVirt vdsm openEuler-20.03-LTS-SP3 I72EAT 【20.03 SP3】php相关包在20.03 LTS SP3降级失败 主要 sig/Base-service php openEuler 20.03LTS SP3 update220111 I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败 无优先级 sig/sig-ai-bigdata flink openEuler-20.03-LTS-SP3 I6VFMI [20.03 SP3] [x86/arm] mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler-20.03-LTS-SP3 I72HWV 【20.03-lts-sp3】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败 次要 sig/Base-service php openEuler-22.03-LTS Update 20230823 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS修复版本已知问题2个,已知漏洞19个。目前版本分支剩余待修复缺陷3个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7ULC9?from=project-i…
CVE修复: CVE 仓库 score CVE-2023-38712 libreswan 6.5 CVE-2023-38710 libreswan 6.5 CVE-2023-38711 libreswan 6.5 CVE-2023-36054 krb5 6.5 CVE-2023-31975 yasm 3.3 CVE-2022-24439 python-GitPython 9.8 CVE-2023-40267 python-GitPython 6.7 CVE-2023-3618 libtiff 6.5 CVE-2023-29409 golang 5.3 CVE-2021-25786 qpdf 8.8 CVE-2023-3301 qemu 5.0 CVE-2023-3180 qemu 6.5 CVE-2022-33196 microcode_ctl 6.7 CVE-2022-38090 microcode_ctl 4.4 CVE-2022-40982 microcode_ctl 6.5 CVE-2023-4128 kernel 7.8 CVE-2023-40225 haproxy 7.2 CVE-2023-20593 kernel 5.5 CVE-2023-32573 qt 6.5 Bugfix: issue 仓库 #I7M5F4:[OLK-5.10] 5.10.155 LTS补丁回合 kernel #I6MHKE:openmpi 部分文件位置不对 openmpi openEuler-22.03-LTS版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:22.03:LTS
https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol
openEuler-22.03-LTS Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS/update/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/ob…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 sig 关联仓库 openEuler-22.03-LTS I6VFRX [22.03-LTS][x86/arm]mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler-22.03-LTS I72N5G 【22.03-lts】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败 次要 sig/Base-service php openEuler-22.03-LTS update20230726 I7ORCE 【arm\x86】selinux-policy-base的版本不符合ceph子包的安装条件,ceph子包安装失败; cephadm卸载有异常打印 主要 sig/SDS ceph openEuler-22.03-LTS-SP1 Update 20230823 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP1修复版本已知问题4个,已知漏洞15个。目前版本分支剩余待修复缺陷9个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS SP1 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7ULBU?from=project-i…
CVE修复: CVE 仓库 score CVE-2023-36054 krb5 6.5 CVE-2023-38712 libreswan 6.5 CVE-2023-38710 libreswan 6.5 CVE-2023-38711 libreswan 6.5 CVE-2023-40225 haproxy 7.2 CVE-2021-25786 qpdf 8.8 CVE-2023-3301 qemu 5.0 CVE-2023-3180 qemu 6.5 CVE-2023-29409 golang 5.3 CVE-2023-3618 libtiff 6.5 CVE-2023-2860 kernel 4.4 CVE-2023-4128 kernel 7.8 CVE-2023-20593 kernel 5.5 CVE-2023-40267 python-GitPython 6.7 CVE-2022-24439 python-GitPython 9.8 Bugfix: issue 仓库 #I7M5F4:[OLK-5.10] 5.10.155 LTS补丁回合 kernel #I7KUHV:vmstat cpu利用率显示问题 procps-ng #I6MHKE:openmpi 部分文件位置不对 openmpi #I7V300:补丁回合 A-Tune-Collector openEuler-22.03-LTS SP1版本编译构建信息查询链接:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1:Ep…
openEuler-22.03-LTS SP1 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 标签 关联仓库 openEuler-22.03-LTS-SP1 I7LW30 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in wide_int_to_tree_1, at tree.c:1575) 主要 sig/Compiler gcc openEuler-22.03-LTS-SP1 I7LWCW 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:internal compiler error: Segmentation fault 主要 sig/Compiler gcc openEuler-22.03-LTS-SP1 I7LWK7 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4394) 主要 sig/Compiler gcc openEuler-22.03-LTS-SP1 I7LWO1 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during RTL pass: expand(in convert_move, at expr.c:219) 主要 sig/Compiler gcc openEuler-22.03-LTS-SP1 I7LX07 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4379) 主要 sig/Compiler gcc openEuler 22.03-SP1 I6B4V1 【22.03 SP1 update 20230118】【arm】libhdfs在arm架构降级失败,x86正常 主要 sig/bigdata hadoop openEuler-22.03-LTS-SP1 I6VFV6 [22.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler-22.03-LTS-SP1 I73CKF 【22.03-lts-sp1】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败 次要 sig/Base-service php openEuler-22.03-LTS-SP1 update20230726 I7OR2I 【22.03 LTS SP1 update20230726】【arm\x86】selinux-policy-base的版本不符合ceph子包的安装条件,ceph子包安装失败 主要 sig/SDS ceph openEuler-22.03-LTS-SP2 Update 20230823 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP2修复版本已知问题1个,已知漏洞14个。目前版本分支剩余待修复缺陷2个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS-SP2 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7ULZB?from=project-i…
CVE修复: CVE 仓库 score CVE-2023-38712 libreswan 6.5 CVE-2023-38710 libreswan 6.5 CVE-2023-38711 libreswan 6.5 CVE-2023-40225 haproxy 7.2 CVE-2021-25786 qpdf 8.8 CVE-2023-3301 qemu 5.0 CVE-2023-3180 qemu 6.5 CVE-2023-3618 libtiff 6.5 CVE-2023-29409 golang 5.3 CVE-2023-4128 kernel 7.8 CVE-2023-20593 kernel 5.5 CVE-2023-20197 clamav 7.5 CVE-2023-40267 python-GitPython 6.7 CVE-2022-24439 python-GitPython 9.8 Bugfix: issue 仓库 #I7QV2C:mm: disable kernelcore=mirror when no mirror memory kernel openEuler-22.03-LTS SP2版本编译构建信息查询链接:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2:Ep…
openEuler-22.03-LTS SP2 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS-SP2 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 标签 关联仓库 openEuler-22.03-LTS-SP2-round-2 I795G3 【22.03-LTS-SP2 round2】本次转测源中出现多个版本的containers-common 主要 sig/sig-CloudNative skopeo openEuler-22.03-LTS-SP2-SEC I7AFIR 【22.03-LTS-SP2 round2】【x86/arm】libkae-1.2.10-6.oe2203sp2安全编译选项Rpath/Runpath不满足 主要 sig/sig-AccLib libkae 社区待修复漏洞: openEuler社区根据漏洞严重等级采取差异化的修复策略,请各个SIG 关注涉及CVE组件的修复情况。 严重等级(Severity Rating) 漏洞修复时长 致命(Critical) 7天 高(High) 14天 中(Medium) 30天 低(Low) 30天
可参考社区安全委员会漏洞:https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE…
近14天将超期CVE(8.26日数据): 漏洞编号 Issue ID 剩余天数 CVSS评分 软件包 责任SIG CVE-2023-0160 I6PPPN 0.9 5.5 risc-v-kernel sig-RISC-V CVE-2023-4147 I7QG0W 3.8 7.8 risc-v-kernel sig-RISC-V CVE-2023-4004 I7P3TG 3.8 7.8 risc-v-kernel sig-RISC-V CVE-2020-36138 I7SLVF 4.7 7.5 ffmpeg sig-DDE CVE-2023-3637 I7NTTG 4.9 6.5 openstack-neutron sig-openstack CVE-2023-4128 I7SAP5 4.93 7.8 risc-v-kernel sig-RISC-V CVE-2023-32663 I7SM1D 5.84 7.8 librealsense CVE-2023-34255 I79X89 5.9 6.7 risc-v-kernel sig-RISC-V CVE-2023-20593 I7NLYZ 5.93 5.5 risc-v-kernel sig-RISC-V CVE-2023-3863 I7NLK0 5.93 4.1 risc-v-kernel sig-RISC-V CVE-2023-3772 I7NYWR 6.49 4.4 risc-v-kernel sig-RISC-V CVE-2023-40175 I7UE8F 6.62 7.3 rubygem-puma sig-ruby CVE-2023-33951 I7GURH 6.9 5.3 risc-v-kernel sig-RISC-V CVE-2023-33952 I7GURF 6.9 6.7 risc-v-kernel sig-RISC-V openEuler 社区指导文档及开放平台链接: openEuler 版本分支维护规范:
https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%…
openEuler release-management 版本分支PR指导:
https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%…
社区QA 版本测试提单规范
https://gitee.com/openeuler/QA/blob/master/%E7%A4%BE%E5%8C%BA%E7%89%88%E6%9…
社区QA 测试平台 radiates
https://radiatest.openeuler.org
<
https://radiatest.openeuler.org/
>
1
0
0
0
openEuler update_20230816版本发布公告
by update版本发布邮箱
19 Aug '23
19 Aug '23
主题: openEuler update_20230816版本发布公告 Dear all, 经社区Release SIG、QA SIG及 CICD SIG 评估,openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3、openEuler-22.03-LTS、openEuler-22.03-LTS-SP1及openEuler-22.03-LTS-SP2 update版本满足版本出口质量,现进行发布公示。 本公示分为七部分: 1、openEuler-20.03-LTS-SP1 Update 20230816发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20230816发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20230816发布情况及待修复缺陷 4、openEuler-22.03-LTS-SP1 Update 20230816发布情况及待修复缺陷 5、openEuler-22.03-LTS-SP2 Update 20230816发布情况及待修复缺陷 6、openEuler 关键组件待修复CVE 清单 7、openEuler 社区指导文档及开放平台链接 本次update版本发布后,下一个版本里程碑点(预计在2023/08/26)提供 update_ 20230823 版本。 openEuler-20.03-LTS-SP1 Update 20230816 经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP1修复版本已知问题1个,已知漏洞10个。目前版本分支剩余待修复缺陷20个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7STST?from=project-i…
CVE修复: CVE 仓库 score CVE-2023-4016 procps-ng 5.5 CVE-2023-37732 yasm 5.5 CVE-2023-25577 python-werkzeug 7.5 CVE-2023-23934 python-werkzeug 3.5 CVE-2023-39978 ImageMagick 7.5 CVE-2023-30577 amanda 7.8 CVE-2023-34319 kernel 1. CVE-2023-3772 kernel 4.4 CVE-2023-4128 kernel 1. CVE-2023-4194 kernel 5.5 Bugfix: issue 仓库 #I7FI5Z:[openEuler 1.0-LTS]dm设备未就绪时会直接丢弃IO kernel openEuler-20.03-LTS-SP1版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol
openEuler-20.03-LTS-SP1 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/
openEuler CVE 及安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 sig组 关联仓库 openEuler 20.03-LTS-SP1 I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后,getdap4命令的-i和-k参数使用异常 主要 sig/sig-recycle libdap openEuler 20.03-LTS-SP1 I4JMG4 【20.03 SP1】【arm/x86】robotframework包的三个命令:libdoc、rebot、robot执行--help/-h/-?/--version,查看帮助信息和版本信息,返回值为251 主要 sig/sig-ROS python-robotframework openEuler 20.03-LTS-SP1 I5DLX7 [20.03 22.03] 管理员指南操作文档mysql服务搭建指导文档有误 主要 sig/doc docs openEuler 20.03LTS SP1 update2103 I3E5C1 【20.03-SP1】【arm/x86】服务启动失败 主要 sig/bigdata hadoop openEuler 20.03LTS SP1 update210901 I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败 主要 sig/oVirt ovirt-cockpit-sso openEuler 20.03-LTS-SP1 I6VFAE [20.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler 20.03-LTS-SP1 I4G4A5 Undefine-shift in _bfd_safe_read_leb128 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4B1 Integer overflow in print_vms_time 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4VY memleak in parse_gnu_debugaltlink 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4WF Heap-buffer-overflow in slurp_hppa_unwind_table 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4WW Use-after-free in make_qualified_name 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4X6 memleak in byte_get_little_endian 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4XF memleak in process_mips_specific 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4Y0 out-of-memory in vms_lib_read_index 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4YJ Heap-buffer-overflow in bfd_getl16 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4YV Floating point exception in _bfd_vms_slurp_etir 无优先级 sig/Base-service binutils openEuler 20.03LTS SP1 update210926 I4CMSV 【20.03-LTS-SP1】【arm/x86】搭建Kubernetes 集群缺少包etcd 无优先级 sig/TC community openEuler 20.03LTS SP1 update220111 I4QV6N 【openEuler-20.03-LTS-SP1】flink命令执行失败 无优先级 sig/sig-ai-bigdata flink openEuler-20.03-LTS-SP1 I3QGU7 系统不支持GB18030 无优先级 sig/TC community openEuler-20.03-LTS-SP1-dailybuild I5Y99T mate-desktop install problem in openEuler:20:03:LTS:SP1 无优先级 sig/sig-mate-desktop mate-desktop openEuler-20.03-LTS-SP3 Update 20230816 经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP3修复版本已知问1个,已知漏洞10个。目前版本分支剩余待修复缺陷 7个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7STSX?from=project-i…
CVE修复: CVE 仓库 score CVE-2023-30577 amanda 7.8 CVE-2023-4016 procps-ng 5.5 CVE-2023-25577 python-werkzeug 7.5 CVE-2023-23934 python-werkzeug 3.5 CVE-2023-37732 yasm 5.5 CVE-2023-39978 ImageMagick 7.5 CVE-2023-34319 kernel 1. CVE-2023-4194 kernel 5.5 CVE-2023-4128 kernel 1. CVE-2023-3772 kernel 4.4 Bugfix: issue 仓库 #I7FI5Z:[openEuler 1.0-LTS]dm设备未就绪时会直接丢弃IO kernel openEuler-20.03-LTS-SP3版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol
openEuler-20.03-LTS-SP3 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/
openEuler CVE及安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 sig组 关联仓库 openEuler 20.03 LTS SP3 update20220801 I5LYJK 【20.03-sp3_update20220801】【x86】对内核版进行升级后,TCP_option_address安装异常 主要 sig/Kernel TCP_option_address openEuler 20.03-LTS-SP3 I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败 主要 sig/oVirt ovirt-cockpit-sso openEuler-20.03-LTS-SP3 I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败,导致mom-vdsm.service服务无法启动成功 主要 sig/oVirt vdsm openEuler-20.03-LTS-SP3 I72EAT 【20.03 SP3】php相关包在20.03 LTS SP3降级失败 主要 sig/Base-service php openEuler 20.03LTS SP3 update220111 I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败 无优先级 sig/sig-ai-bigdata flink openEuler-20.03-LTS-SP3 I6VFMI [20.03 SP3] [x86/arm] mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler-20.03-LTS-SP3 I72HWV 【20.03-lts-sp3】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败 次要 sig/Base-service php openEuler-22.03-LTS Update 20230816 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS修复版本已知问题2个,已知漏洞12个。目前版本分支剩余待修复缺陷3个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7STT2?from=project-i…
CVE修复: CVE 仓库 score CVE-2007-4559 python3 5.5 CVE-2023-30577 amanda 7.8 CVE-2023-3863 kernel 4.1 CVE-2023-3772 kernel 4.4 CVE-2023-4133 kernel 5.5 CVE-2023-4147 kernel 7.8 CVE-2023-4016 procps-ng 5.5 CVE-2023-25577 python-werkzeug 7.5 CVE-2023-23934 python-werkzeug 3.5 CVE-2023-37732 yasm 5.5 CVE-2023-4134 kernel 5.5 CVE-2023-3867 kernel 1. Bugfix: issue 仓库 #I7T2V2:cloud-init-hotplugd.service服务启动失败,日志中有报错 selinux-policy #I7R8WG:【OLK-5.10】 新增timer_shutdown[_sync]()接口 kernel openEuler-22.03-LTS版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:22.03:LTS
https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol
openEuler-22.03-LTS Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS/update/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/ob…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 sig 关联仓库 openEuler-22.03-LTS I6VFRX [22.03-LTS][x86/arm]mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler-22.03-LTS I72N5G 【22.03-lts】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败 次要 sig/Base-service php openEuler-22.03-LTS update20230726 I7ORCE 【arm\x86】selinux-policy-base的版本不符合ceph子包的安装条件,ceph子包安装失败; cephadm卸载有异常打印 主要 sig/SDS ceph openEuler-22.03-LTS-SP1 Update 20230816 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP1修复版本已知问题6个,已知漏洞12个。目前版本分支剩余待修复缺陷9个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS SP1 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7STSP?from=project-i…
CVE修复: CVE 仓库 score CVE-2023-25577 python-werkzeug 7.5 CVE-2023-23934 python-werkzeug 3.5 CVE-2023-30577 amanda 7.8 CVE-2023-37732 yasm 5.5 CVE-2007-4559 python3 5.5 CVE-2023-4016 procps-ng 5.5 CVE-2023-3863 kernel 4.1 CVE-2023-3772 kernel 4.4 CVE-2023-4133 kernel 5.5 CVE-2023-4147 kernel 7.8 CVE-2023-4134 kernel 5.5 CVE-2023-3867 kernel 1. Bugfix: issue 仓库 #I7T2V2:cloud-init-hotplugd.service服务启动失败,日志中有报错 selinux-policy #I7JDC7:保持master分支版本与22.03-LTS-Next分支版本一致 dpu-utilities #I7TJ43:回合bugfix补丁 A-Tune #I7R8WG:【OLK-5.10】 新增timer_shutdown[_sync]()接口 kernel #I7PH6J:补丁回合 A-Tune-Collector #I7DD06:是否有考虑将yaffs2版本进行升级? yaffs2 openEuler-22.03-LTS SP1版本编译构建信息查询链接:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1:Ep…
openEuler-22.03-LTS SP1 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 标签 关联仓库 openEuler-22.03-LTS-SP1 I7LW30 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in wide_int_to_tree_1, at tree.c:1575) 主要 sig/Compiler gcc openEuler-22.03-LTS-SP1 I7LWCW 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:internal compiler error: Segmentation fault 主要 sig/Compiler gcc openEuler-22.03-LTS-SP1 I7LWK7 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4394) 主要 sig/Compiler gcc openEuler-22.03-LTS-SP1 I7LWO1 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during RTL pass: expand(in convert_move, at expr.c:219) 主要 sig/Compiler gcc openEuler-22.03-LTS-SP1 I7LX07 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4379) 主要 sig/Compiler gcc openEuler 22.03-SP1 I6B4V1 【22.03 SP1 update 20230118】【arm】libhdfs在arm架构降级失败,x86正常 主要 sig/bigdata hadoop openEuler-22.03-LTS-SP1 I6VFV6 [22.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler-22.03-LTS-SP1 I73CKF 【22.03-lts-sp1】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败 次要 sig/Base-service php openEuler-22.03-LTS-SP1 update20230726 I7OR2I 【22.03 LTS SP1 update20230726】【arm\x86】selinux-policy-base的版本不符合ceph子包的安装条件,ceph子包安装失败 主要 sig/SDS ceph openEuler-22.03-LTS-SP2 Update 20230816 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP2修复版本已知问题2个,已知漏洞12个。目前版本分支剩余待修复缺陷2个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS-SP2 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7SUPT?from=project-i…
CVE修复: CVE 仓库 score CVE-2023-25577 python-werkzeug 7.5 CVE-2023-23934 python-werkzeug 3.5 CVE-2023-37732 yasm 5.5 CVE-2023-4016 procps-ng 5.5 CVE-2023-30577 amanda 7.8 CVE-2007-4559 python3 5.5 CVE-2023-3863 kernel 4.1 CVE-2023-3772 kernel 4.4 CVE-2023-4133 kernel 5.5 CVE-2023-4147 kernel 7.8 CVE-2023-4134 kernel 5.5 CVE-2023-3867 kernel 1. Bugfix: issue 仓库 #I7R8WG:【OLK-5.10】 新增timer_shutdown[_sync]()接口 kernel #I7TA8F:openEuler22.03 测试CPUBench kmeans用例大概率失败 openjdk-11 openEuler-22.03-LTS SP2版本编译构建信息查询链接:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2:Ep…
openEuler-22.03-LTS SP2 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS-SP2 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 标签 关联仓库 openEuler-22.03-LTS-SP2-round-2 I795G3 【22.03-LTS-SP2 round2】本次转测源中出现多个版本的containers-common 主要 sig/sig-CloudNative skopeo openEuler-22.03-LTS-SP2-SEC I7AFIR 【22.03-LTS-SP2 round2】【x86/arm】libkae-1.2.10-6.oe2203sp2安全编译选项Rpath/Runpath不满足 主要 sig/sig-AccLib libkae 社区待修复漏洞: openEuler社区根据漏洞严重等级采取差异化的修复策略,请各个SIG 关注涉及CVE组件的修复情况。 严重等级(Severity Rating) 漏洞修复时长 致命(Critical) 7天 高(High) 14天 中(Medium) 30天 低(Low) 30天
可参考社区安全委员会漏洞:https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE…
近14天将超期CVE(8.19日数据): 漏洞编号 Issue ID 剩余天数 CVSS评分 软件包 责任SIG CVE-2023-29457 I7L0CB 1.96 6.1 zabbix Base-service CVE-2023-29455 I7L0C8 1.96 6.1 zabbix Base-service CVE-2023-3618 I7KG3O 1.96 6.5 libtiff Desktop CVE-2023-3782 I7NMHY 5.96 3.7 okhttp sig-MindSpore CVE-2023-38496 I7NYZM 6.96 6.1 apptainer CVE-2023-39949 I7SLV3 7.27 7.5 Fast-DDS CVE-2023-39948 I7SLV1 7.27 7.5 Fast-DDS CVE-2023-39947 I7SLUZ 7.27 8.2 Fast-DDS CVE-2023-39945 I7SLUU 7.27 8.2 Fast-DDS CVE-2023-39946 I7SLVK 7.28 8.2 Fast-DDS CVE-2023-39534 I7SLVJ 7.28 7.5 Fast-DDS openEuler 社区指导文档及开放平台链接: openEuler 版本分支维护规范:
https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%…
openEuler release-management 版本分支PR指导:
https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%…
社区QA 版本测试提单规范
https://gitee.com/openeuler/QA/blob/master/%E7%A4%BE%E5%8C%BA%E7%89%88%E6%9…
社区QA 测试平台 radiates
https://radiatest.openeuler.org
<
https://radiatest.openeuler.org/
>
1
0
0
0
openEuler update_20230809版本发布公告
by update版本发布邮箱
12 Aug '23
12 Aug '23
Dear all, 经社区Release SIG、QA SIG及 CICD SIG 评估,openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3、openEuler-22.03-LTS、openEuler-22.03-LTS-SP1及openEuler-22.03-LTS-SP2 update版本满足版本出口质量,现进行发布公示。 本公示分为七部分: 1、openEuler-20.03-LTS-SP1 Update 20230809发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20230809发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20230809发布情况及待修复缺陷 4、openEuler-22.03-LTS-SP1 Update 20230809发布情况及待修复缺陷 5、openEuler-22.03-LTS-SP2 Update 20230809发布情况及待修复缺陷 6、openEuler 关键组件待修复CVE 清单 7、openEuler 社区指导文档及开放平台链接 本次update版本发布后,下一个版本里程碑点(预计在2023/08/20)提供 update_ 20230816 版本。 openEuler-20.03-LTS-SP1 Update 20230809 经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP1修复版本已知问题3个,已知漏洞10个。目前版本分支剩余待修复缺陷20个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7QYXB?from=project-i…
CVE修复: CVE 仓库 score CVE-2022-41409 pcre2 7.5 CVE-2023-35945 nghttp2 7.5 CVE-2023-29406 golang 6.5 CVE-2023-25399 scipy 5.5 CVE-2023-3648 wireshark 5.5 CVE-2023-38403 iperf3 5.5 CVE-2023-3817 openssl 5.3 CVE-2023-3863 kernel 4.1 CVE-2023-38288 libtiff 3.3 CVE-2023-4132 kernel 5.5 Bugfix: issue 仓库 I7R0LI:支持磁盘调优参数可在NVMe 子系统生效 tuned #I7QDRI:【22.03 LTS SP2 update20230802】【arm\x86】22.03 SP2版本的ebtables包在22.03 LTS和22.03 SP1的环境上降级有异常打印 ebtables #I7MPVG:更新jQuery版本,jquery新版本进行了一些漏洞修复 python-sphinx openEuler-20.03-LTS-SP1版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol
openEuler-20.03-LTS-SP1 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/
openEuler CVE 及安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 sig组 关联仓库 openEuler 20.03-LTS-SP1 I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后,getdap4命令的-i和-k参数使用异常 主要 sig/sig-recycle libdap openEuler 20.03-LTS-SP1 I4JMG4 【20.03 SP1】【arm/x86】robotframework包的三个命令:libdoc、rebot、robot执行--help/-h/-?/--version,查看帮助信息和版本信息,返回值为251 主要 sig/sig-ROS python-robotframework openEuler 20.03-LTS-SP1 I5DLX7 [20.03 22.03] 管理员指南操作文档mysql服务搭建指导文档有误 主要 sig/doc docs openEuler 20.03LTS SP1 update2103 I3E5C1 【20.03-SP1】【arm/x86】服务启动失败 主要 sig/bigdata hadoop openEuler 20.03LTS SP1 update210901 I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败 主要 sig/oVirt ovirt-cockpit-sso openEuler 20.03-LTS-SP1 I6VFAE [20.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler 20.03-LTS-SP1 I4G4A5 Undefine-shift in _bfd_safe_read_leb128 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4B1 Integer overflow in print_vms_time 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4VY memleak in parse_gnu_debugaltlink 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4WF Heap-buffer-overflow in slurp_hppa_unwind_table 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4WW Use-after-free in make_qualified_name 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4X6 memleak in byte_get_little_endian 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4XF memleak in process_mips_specific 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4Y0 out-of-memory in vms_lib_read_index 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4YJ Heap-buffer-overflow in bfd_getl16 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4YV Floating point exception in _bfd_vms_slurp_etir 无优先级 sig/Base-service binutils openEuler 20.03LTS SP1 update210926 I4CMSV 【20.03-LTS-SP1】【arm/x86】搭建Kubernetes 集群缺少包etcd 无优先级 sig/TC community openEuler 20.03LTS SP1 update220111 I4QV6N 【openEuler-20.03-LTS-SP1】flink命令执行失败 无优先级 sig/sig-ai-bigdata flink openEuler-20.03-LTS-SP1 I3QGU7 系统不支持GB18030 无优先级 sig/TC community openEuler-20.03-LTS-SP1-dailybuild I5Y99T mate-desktop install problem in openEuler:20:03:LTS:SP1 无优先级 sig/sig-mate-desktop mate-desktop openEuler-20.03-LTS-SP3 Update 20230809 经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP3修复版本已知问3个,已知漏洞9个。目前版本分支剩余待修复缺陷 7个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7QYXC?from=project-i…
CVE修复: CVE 仓库 score CVE-2022-41409 pcre2 7.5 CVE-2023-35945 nghttp2 7.5 CVE-2023-29406 golang 6.5 CVE-2023-25399 scipy 5.5 CVE-2023-3648 wireshark 5.5 CVE-2023-38403 iperf3 5.5 CVE-2023-4132 kernel 5.5 CVE-2023-3817 openssl 5.3 CVE-2023-3863 kernel 4.1 Bugfix: issue 仓库 #I7R0LI:支持磁盘调优参数可在NVMe 子系统生效 tuned #I7QDRI:【22.03 LTS SP2 update20230802】【arm\x86】22.03 SP2版本的ebtables包在22.03 LTS和22.03 SP1的环境上降级有异常打印 ebtables #I7MPVG:更新jQuery版本,jquery新版本进行了一些漏洞修复 python-sphinx openEuler-20.03-LTS-SP3版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol
openEuler-20.03-LTS-SP3 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/
openEuler CVE及安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 sig组 关联仓库 openEuler 20.03 LTS SP3 update20220801 I5LYJK 【20.03-sp3_update20220801】【x86】对内核版进行升级后,TCP_option_address安装异常 主要 sig/Kernel TCP_option_address openEuler 20.03-LTS-SP3 I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败 主要 sig/oVirt ovirt-cockpit-sso openEuler-20.03-LTS-SP3 I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败,导致mom-vdsm.service服务无法启动成功 主要 sig/oVirt vdsm openEuler-20.03-LTS-SP3 I72EAT 【20.03 SP3】php相关包在20.03 LTS SP3降级失败 主要 sig/Base-service php openEuler 20.03LTS SP3 update220111 I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败 无优先级 sig/sig-ai-bigdata flink openEuler-20.03-LTS-SP3 I6VFMI [20.03 SP3] [x86/arm] mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler-20.03-LTS-SP3 I72HWV 【20.03-lts-sp3】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败 次要 sig/Base-service php openEuler-22.03-LTS Update 20230809 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS修复版本已知问题4个,已知漏洞13个。目前版本分支剩余待修复缺陷3个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7QYXD?from=project-i…
CVE修复: CVE 仓库 score CVE-2023-38427 kernel 9.8 CVE-2023-38429 kernel 9.8 CVE-2023-38430 kernel 9.1 CVE-2023-4004 kernel 7.8 CVE-2022-41409 pcre2 7.5 CVE-2023-35945 nghttp2 7.5 CVE-2022-41854 snakeyaml 6.5 CVE-2023-29406 golang 6.5 CVE-2023-25399 scipy 5.5 CVE-2023-36191 sqlite 5.5 CVE-2023-3648 wireshark 5.5 CVE-2023-38403 iperf3 5.5 CVE-2023-3817 openssl 5.3 Bugfix: issue 仓库 #I7PH6J:补丁回合 A-Tune-Collector #I7LPQ9:开启堆栈不可执行链接选项 grub2 #I7QDRI:【22.03 LTS SP2 update20230802】【arm\x86】22.03 SP2版本的ebtables包在22.03 LTS和22.03 SP1的环境上降级有异常打印 ebtables #I7FEZH:CVE-2023-36191 sqlite openEuler-22.03-LTS版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:22.03:LTS
https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol
openEuler-22.03-LTS Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS/update/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/ob…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 sig 关联仓库 openEuler-22.03-LTS I6VFRX [22.03-LTS][x86/arm]mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler-22.03-LTS I72N5G 【22.03-lts】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败 次要 sig/Base-service php openEuler-22.03-LTS update20230726 I7ORCE 【arm\x86】selinux-policy-base的版本不符合ceph子包的安装条件,ceph子包安装失败; cephadm卸载有异常打印 主要 sig/SDS ceph openEuler-22.03-LTS-SP1 Update 20230809 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP1修复版本已知问题5个,已知漏洞13个。目前版本分支剩余待修复缺陷9个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS SP1 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7QYXA?from=project-i…
CVE修复: CVE 仓库 score CVE-2023-38429 kernel 9.8 CVE-2023-38427 kernel 9.8 CVE-2023-38430 kernel 9.1 CVE-2023-4004 kernel 7.8 CVE-2022-41409 pcre2 7.5 CVE-2023-24607 qt5-qtbase 7.5 CVE-2023-35945 nghttp2 7.5 CVE-2023-29406 golang 6.5 CVE-2023-25399 scipy 5.5 CVE-2023-38403 iperf3 5.5 CVE-2023-36191 sqlite 5.5 CVE-2023-3648 wireshark 5.5 CVE-2023-3817 openssl 5.3 Bugfix: issue 仓库 #I7PH6J:补丁回合 A-Tune-Collector #I7KS8E:关于unlock-pidfile-if-current-proccess-is-NOT-dnf.patch的疑问 dnf #I7LPQ9:开启堆栈不可执行链接选项 grub2 #I7QDRI:【22.03 LTS SP2 update20230802】【arm\x86】22.03 SP2版本的ebtables包在22.03 LTS和22.03 SP1的环境上降级有异常打印 ebtables #I7MPVG:更新jQuery版本,jquery新版本进行了一些漏洞修复 python-sphinx openEuler-22.03-LTS SP1版本编译构建信息查询链接:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1:Ep…
openEuler-22.03-LTS SP1 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 标签 关联仓库 openEuler-22.03-LTS-SP1 I7LW30 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in wide_int_to_tree_1, at tree.c:1575) 主要 sig/Compiler gcc openEuler-22.03-LTS-SP1 I7LWCW 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:internal compiler error: Segmentation fault 主要 sig/Compiler gcc openEuler-22.03-LTS-SP1 I7LWK7 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4394) 主要 sig/Compiler gcc openEuler-22.03-LTS-SP1 I7LWO1 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during RTL pass: expand(in convert_move, at expr.c:219) 主要 sig/Compiler gcc openEuler-22.03-LTS-SP1 I7LX07 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4379) 主要 sig/Compiler gcc openEuler 22.03-SP1 I6B4V1 【22.03 SP1 update 20230118】【arm】libhdfs在arm架构降级失败,x86正常 主要 sig/bigdata hadoop openEuler-22.03-LTS-SP1 I6VFV6 [22.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler-22.03-LTS-SP1 I73CKF 【22.03-lts-sp1】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败 次要 sig/Base-service php openEuler-22.03-LTS-SP1 update20230726 I7OR2I 【22.03 LTS SP1 update20230726】【arm\x86】selinux-policy-base的版本不符合ceph子包的安装条件,ceph子包安装失败 主要 sig/SDS ceph openEuler-22.03-LTS-SP2 Update 20230809 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP2修复版本已知问题5个,已知漏洞23个。目前版本分支剩余待修复缺陷2个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS-SP2 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7QZHC?from=project-i…
CVE修复: CVE 仓库 score CVE-2023-29404 golang 9.8 CVE-2023-29405 golang 9.8 CVE-2023-38429 kernel 9.8 CVE-2023-38427 kernel 9.8 CVE-2023-38430 kernel 9.1 CVE-2023-31486 perl-HTTP-Tiny 8.1 CVE-2023-4004 kernel 7.8 CVE-2022-41409 pcre2 7.5 CVE-2023-24607 qt5-qtbase 7.5 CVE-2023-32763 qt5-qtbase 7.5 CVE-2023-2828 bind 7.5 CVE-2023-35945 nghttp2 7.5 CVE-2023-3141 kernel 7.1 CVE-2023-3268 kernel 7.1 CVE-2023-35829 kernel 7.0 CVE-2023-29406 golang 6.5 CVE-2023-25399 scipy 5.5 CVE-2023-38403 iperf3 5.5 CVE-2023-36191 sqlite 5.5 CVE-2023-3648 wireshark 5.5 CVE-2023-32762 qt5-qtbase 5.3 CVE-2023-3817 openssl 5.3 CVE-2023-33201 bouncycastle 2.6 Bugfix: issue 仓库 #I7PDHP: Fix missing dealloc_dfx_cnt() during device unregister kernel #I7KS8E:关于unlock-pidfile-if-current-proccess-is-NOT-dnf.patch的疑问 dnf #I7LPQ9:开启堆栈不可执行链接选项 grub2 #I7QDRI:【22.03 LTS SP2 update20230802】【arm\x86】22.03 SP2版本的ebtables包在22.03 LTS和22.03 SP1的环境上降级有异常打印 ebtables #I7MPVG:更新jQuery版本,jquery新版本进行了一些漏洞修复 python-sphinx openEuler-22.03-LTS SP2版本编译构建信息查询链接:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2:Ep…
openEuler-22.03-LTS SP2 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS-SP2 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 标签 关联仓库 openEuler-22.03-LTS-SP2-round-2 I795G3 【22.03-LTS-SP2 round2】本次转测源中出现多个版本的containers-common 主要 sig/sig-CloudNative skopeo openEuler-22.03-LTS-SP2-SEC I7AFIR 【22.03-LTS-SP2 round2】【x86/arm】libkae-1.2.10-6.oe2203sp2安全编译选项Rpath/Runpath不满足 主要 sig/sig-AccLib libkae 社区待修复漏洞: openEuler社区根据漏洞严重等级采取差异化的修复策略,请各个SIG 关注涉及CVE组件的修复情况。 严重等级(Severity Rating) 漏洞修复时长 致命(Critical) 7天 高(High) 14天 中(Medium) 30天 低(Low) 30天
可参考社区安全委员会漏洞:https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE…
近14天将超期CVE(8.12日数据): 漏洞编号 Issue ID 剩余天数 CVSS评分 软件包 责任SIG CVE-2023-39976 I7RFPU 3 9.8 src-openEuler/libqb sig/Computing CVE-2023-37268 I7LBRR 2 8.8 src-openEuler/mysql5 sig/DB CVE-2022-0323 I7Q15A 4 8.8 src-openEuler/php sig/Base-service CVE-2023-29505 I7QQTS 6 8.8 src-openEuler/rubygem-websocket sig/sig-ruby CVE-2023-3896 I7RA2G 10 7.8 src-openEuler/vim sig/Base-service CVE-2023-29458 I7L0C0 0 7.5 src-openEuler/duktape sig/Base-service CVE-2023-37463 I7L1Z0 1 7.5 src-openEuler/cmark sig/GNOME CVE-2023-37276 I7MH0H 7 7.5 src-openEuler/python-aiohttp sig/Programming-lang CVE-2019-9640 I7PDBJ 2 7.5 src-openEuler/php sig/Base-service CVE-2019-9638 I7PDDJ 2 7.5 src-openEuler/php sig/Base-service CVE-2019-9639 I7PDDO 2 7.5 src-openEuler/php sig/Base-service CVE-2019-9637 I7PDHZ 2 7.5 src-openEuler/php sig/Base-service CVE-2023-39978 I7RFP8 10 7.5 src-openEuler/ImageMagick sig/Others CVE-2023-3637 I7NTTG 12 6.5 src-openEuler/openstack-neutron sig/sig-openstack CVE-2022-4304 I7LRB1 4 5.9 src-openEuler/openresty-openssl111 sig/sig-OpenResty CVE-2023-22053 I7M5UJ 6 5.9 src-openEuler/mysql5 sig/DB CVE-2023-22043 I7M5V2 6 5.9 src-openEuler/openjdk-latest sig/Compiler CVE-2023-22053 I7M5V8 6 5.9 src-openEuler/mysql sig/Others CVE-2023-22043 I7M5VN 6 5.9 src-openEuler/openjdk-1.8.0 sig/Compiler CVE-2023-22043 I7M5VO 6 5.9 src-openEuler/openjdk-11 sig/Compiler CVE-2023-3782 I7NMHY 12 5.9 src-openEuler/okhttp sig/ai CVE-2023-37732 I7OB3A 14 5.5 src-openEuler/yasm sig/Base-service CVE-2023-22041 I7M5V1 6 5.1 src-openEuler/openjdk-latest sig/Compiler CVE-2023-22041 I7M5VL 6 5.1 src-openEuler/openjdk-1.8.0 sig/Compiler CVE-2023-22041 I7M5VM 6 5.1 src-openEuler/openjdk-11 sig/Compiler CVE-2023-22007 I7M5U1 6 4.9 src-openEuler/mysql sig/Others CVE-2023-22056 I7M5UF 6 4.9 src-openEuler/mysql sig/Others CVE-2023-22054 I7M5UR 6 4.9 src-openEuler/mysql sig/Others CVE-2023-22046 I7M5US 6 4.9 src-openEuler/mysql5 sig/DB CVE-2023-22057 I7M5UV 6 4.9 src-openEuler/mysql sig/Others CVE-2023-21950 I7M5UW 6 4.9 src-openEuler/mysql sig/Others CVE-2023-22008 I7M5V3 6 4.9 src-openEuler/mysql sig/Others CVE-2023-22007 I7M5V4 6 4.9 src-openEuler/mysql5 sig/DB CVE-2023-22056 I7M5V5 6 4.9 src-openEuler/mysql5 sig/DB CVE-2023-22054 I7M5VB 6 4.9 src-openEuler/mysql5 sig/DB CVE-2023-22046 I7M5VC 6 4.9 src-openEuler/mysql sig/Others CVE-2023-22057 I7M5VF 6 4.9 src-openEuler/mysql5 sig/DB CVE-2023-21950 I7M5VG 6 4.9 src-openEuler/mysql5 sig/DB CVE-2023-22008 I7M5VP 6 4.9 src-openEuler/mysql5 sig/DB CVE-2023-22033 I7M5UI 6 4.4 src-openEuler/mysql sig/Others CVE-2023-22005 I7M5UT 6 4.4 src-openEuler/mysql sig/Others CVE-2023-22058 I7M5UY 6 4.4 src-openEuler/mysql5 sig/DB CVE-2023-22033 I7M5V7 6 4.4 src-openEuler/mysql5 sig/DB CVE-2023-22005 I7M5VD 6 4.4 src-openEuler/mysql5 sig/DB CVE-2023-22058 I7M5VI 6 4.4 src-openEuler/mysql sig/Others CVE-2023-3772 I7NYWN 13 4.4 src-openEuler/kernel sig/Kernel CVE-2023-3863 I7NLJR 11 4.1 src-openEuler/kernel sig/Kernel CVE-2023-22036 I7M5UM 6 3.7 src-openEuler/openjdk-latest sig/Compiler CVE-2023-22045 I7M5UU 6 3.7 src-openEuler/openjdk-latest sig/Compiler CVE-2023-22049 I7M5UX 6 3.7 src-openEuler/openjdk-latest sig/Compiler CVE-2023-22044 I7M5UZ 6 3.7 src-openEuler/openjdk-latest sig/Compiler CVE-2023-22036 I7M5V9 6 3.7 src-openEuler/openjdk-1.8.0 sig/Compiler CVE-2023-22045 I7M5VE 6 3.7 src-openEuler/openjdk-1.8.0 sig/Compiler CVE-2023-22049 I7M5VH 6 3.7 src-openEuler/openjdk-1.8.0 sig/Compiler CVE-2023-22044 I7M5VJ 6 3.7 src-openEuler/openjdk-1.8.0 sig/Compiler CVE-2023-22036 I7M5VQ 6 3.7 src-openEuler/openjdk-11 sig/Compiler CVE-2023-22045 I7M5VS 6 3.7 src-openEuler/openjdk-11 sig/Compiler CVE-2023-22049 I7M5VT 6 3.7 src-openEuler/openjdk-11 sig/Compiler CVE-2023-22044 I7M5VU 6 3.7 src-openEuler/openjdk-11 sig/Compiler CVE-2023-38496 I7NYZM 13 3.3 src-openEuler/apptainer sig/sig-HPC CVE-2023-22048 I7M5UH 6 3.1 src-openEuler/mysql sig/Others CVE-2023-22006 I7M5V0 6 3.1 src-openEuler/openjdk-latest sig/Compiler CVE-2023-22048 I7M5V6 6 3.1 src-openEuler/mysql5 sig/DB CVE-2023-22006 I7M5VK 6 3.1 src-openEuler/openjdk-1.8.0 sig/Compiler CVE-2023-22006 I7M5VV 6 3.1 src-openEuler/openjdk-11 sig/Compiler CVE-2023-22038 I7M5UQ 6 2.7 src-openEuler/mysql5 sig/DB CVE-2023-22038 I7M5VA 6 2.7 src-openEuler/mysql sig/Others openEuler 社区指导文档及开放平台链接: openEuler 版本分支维护规范:
https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%…
openEuler release-management 版本分支PR指导:
https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%…
社区QA 版本测试提单规范
https://gitee.com/openeuler/QA/blob/master/%E7%A4%BE%E5%8C%BA%E7%89%88%E6%9…
社区QA 测试平台 radiates
https://radiatest.openeuler.org
<
https://radiatest.openeuler.org/
>
1
0
0
0
openEuler update_20230802版本发布公告
by update版本发布邮箱
06 Aug '23
06 Aug '23
主题: openEuler update_20230802版本发布公告 Dear all, 经社区Release SIG、QA SIG及 CICD SIG 评估,openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3、openEuler-22.03-LTS、openEuler-22.03-LTS-SP1及openEuler-22.03-LTS-SP2 update版本满足版本出口质量,现进行发布公示。 本公示分为七部分: 1、openEuler-20.03-LTS-SP1 Update 20230802发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20230802发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20230802发布情况及待修复缺陷 4、openEuler-22.03-LTS-SP1 Update 20230802发布情况及待修复缺陷 5、openEuler-22.03-LTS-SP2 Update 20230802发布情况及待修复缺陷 6、openEuler 关键组件待修复CVE 清单 7、openEuler 社区指导文档及开放平台链接 本次update版本发布后,下一个版本里程碑点(预计在2023/08/13)提供 update_ 20230809 版本。 openEuler-20.03-LTS-SP1 Update 20230802 经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP1修复版本已知问题1个,已知漏洞19个。目前版本分支剩余待修复缺陷20个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7P5IR?from=project-i…
CVE修复: CVE 仓库 score CVE-2021-45960 firefox 8.8 CVE-2022-22825 firefox 8.8 CVE-2022-22826 firefox 8.8 CVE-2022-22827 firefox 8.8 CVE-2022-24834 redis 8.8 CVE-2021-46143 firefox 7.8 CVE-2023-3611 kernel 7.8 CVE-2023-0664 qemu 7.8 CVE-2023-21255 kernel 7.8 CVE-2023-3609 kernel 7.8 CVE-2023-3776 kernel 7.8 CVE-2023-3812 kernel 7.8 CVE-2023-38408 openssh 7.5 CVE-2022-23491 python-certifi 7.5 CVE-2023-37920 python-certifi 7.5 CVE-2023-2861 qemu 6.0 CVE-2023-3446 openssl 5.3 CVE-2023-38289 libtiff 3.3 CVE-2023-38288 libtiff 3.3 Bugfix: issue 仓库 #I7OSIE:【openEuler-1.0-LTS】hns网卡收发包时反复修改tso,会触发网卡异常 kernel openEuler-20.03-LTS-SP1版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol
openEuler-20.03-LTS-SP1 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/
openEuler CVE 及安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 sig组 关联仓库 openEuler 20.03-LTS-SP1 I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后,getdap4命令的-i和-k参数使用异常 主要 sig/sig-recycle libdap openEuler 20.03-LTS-SP1 I4JMG4 【20.03 SP1】【arm/x86】robotframework包的三个命令:libdoc、rebot、robot执行--help/-h/-?/--version,查看帮助信息和版本信息,返回值为251 主要 sig/sig-ROS python-robotframework openEuler 20.03-LTS-SP1 I5DLX7 [20.03 22.03] 管理员指南操作文档mysql服务搭建指导文档有误 主要 sig/doc docs openEuler 20.03LTS SP1 update2103 I3E5C1 【20.03-SP1】【arm/x86】服务启动失败 主要 sig/bigdata hadoop openEuler 20.03LTS SP1 update210901 I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败 主要 sig/oVirt ovirt-cockpit-sso openEuler 20.03-LTS-SP1 I6VFAE [20.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler 20.03-LTS-SP1 I4G4A5 Undefine-shift in _bfd_safe_read_leb128 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4B1 Integer overflow in print_vms_time 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4VY memleak in parse_gnu_debugaltlink 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4WF Heap-buffer-overflow in slurp_hppa_unwind_table 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4WW Use-after-free in make_qualified_name 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4X6 memleak in byte_get_little_endian 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4XF memleak in process_mips_specific 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4Y0 out-of-memory in vms_lib_read_index 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4YJ Heap-buffer-overflow in bfd_getl16 无优先级 sig/Base-service binutils openEuler 20.03-LTS-SP1 I4G4YV Floating point exception in _bfd_vms_slurp_etir 无优先级 sig/Base-service binutils openEuler 20.03LTS SP1 update210926 I4CMSV 【20.03-LTS-SP1】【arm/x86】搭建Kubernetes 集群缺少包etcd 无优先级 sig/TC community openEuler 20.03LTS SP1 update220111 I4QV6N 【openEuler-20.03-LTS-SP1】flink命令执行失败 无优先级 sig/sig-ai-bigdata flink openEuler-20.03-LTS-SP1 I3QGU7 系统不支持GB18030 无优先级 sig/TC community openEuler-20.03-LTS-SP1-dailybuild I5Y99T mate-desktop install problem in openEuler:20:03:LTS:SP1 无优先级 sig/sig-mate-desktop mate-desktop openEuler-20.03-LTS-SP3 Update 20230802 经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP3修复版本已知问1个,已知漏洞19个。目前版本分支剩余待修复缺陷 7个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7P5IS?from=project-i…
CVE修复: CVE 仓库 score CVE-2021-45960 firefox 8.8 CVE-2022-22825 firefox 8.8 CVE-2022-22826 firefox 8.8 CVE-2022-22827 firefox 8.8 CVE-2022-24834 redis 8.8 CVE-2021-46143 firefox 7.8 CVE-2023-3611 kernel 7.8 CVE-2023-0664 qemu 7.8 CVE-2023-21255 kernel 7.8 CVE-2023-3609 kernel 7.8 CVE-2023-3776 kernel 7.8 CVE-2023-3812 kernel 7.8 CVE-2022-23491 python-certifi 7.5 CVE-2023-37920 python-certifi 7.5 CVE-2023-38408 openssh 7.5 CVE-2023-2861 qemu 6.0 CVE-2023-3446 openssl 5.3 CVE-2023-38289 libtiff 3.3 CVE-2023-38288 libtiff 3.3 Bugfix: issue 仓库 #I7OSIE:【openEuler-1.0-LTS】hns网卡收发包时反复修改tso,会触发网卡异常 kernel openEuler-20.03-LTS-SP3版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol
openEuler-20.03-LTS-SP3 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/
openEuler CVE及安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 sig组 关联仓库 openEuler 20.03 LTS SP3 update20220801 I5LYJK 【20.03-sp3_update20220801】【x86】对内核版进行升级后,TCP_option_address安装异常 主要 sig/Kernel TCP_option_address openEuler 20.03-LTS-SP3 I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败 主要 sig/oVirt ovirt-cockpit-sso openEuler-20.03-LTS-SP3 I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败,导致mom-vdsm.service服务无法启动成功 主要 sig/oVirt vdsm openEuler-20.03-LTS-SP3 I72EAT 【20.03 SP3】php相关包在20.03 LTS SP3降级失败 主要 sig/Base-service php openEuler 20.03LTS SP3 update220111 I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败 无优先级 sig/sig-ai-bigdata flink openEuler-20.03-LTS-SP3 I6VFMI [20.03 SP3] [x86/arm] mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler-20.03-LTS-SP3 I72HWV 【20.03-lts-sp3】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败 次要 sig/Base-service php openEuler-22.03-LTS Update 20230802 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS修复版本已知问题2个,已知漏洞19个。目前版本分支剩余待修复缺陷3个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7P5IT?from=project-i…
CVE修复: CVE 仓库 score CVE-2023-38426 kernel 9.1 CVE-2022-24834 redis 8.8 CVE-2022-1050 qemu 8.8 CVE-2023-0664 qemu 7.8 CVE-2023-3610 kernel 7.8 CVE-2023-3611 kernel 7.8 CVE-2023-3812 kernel 7.8 CVE-2022-23491 python-certifi 7.5 CVE-2023-37920 python-certifi 7.5 CVE-2023-38408 openssh 7.5 CVE-2023-32248 kernel 7.5 CVE-2023-3567 kernel 6.7 CVE-2023-2163 kernel 6.3 CVE-2023-2861 qemu 6.0 CVE-2022-40896 python-pygments 5.5 CVE-2023-32255 kernel 5.3 CVE-2023-3446 openssl 5.3 CVE-2023-38289 libtiff 3.3 CVE-2023-38288 libtiff 3.3 Bugfix: issue 仓库 #I5M4N4:【22.03 LTS update 20220811】【arm/x86】openstack-ironic-inspector-conductor.service服务start失败 openstack-ironic-inspector #I7PO2D:sysmaster新增到openEuler-22.03-LTS Update 和 openEuler-22.03-LTS-SP1 Update发布 sysmaster openEuler-22.03-LTS版本编译构建信息查询链接:
https://build.openeuler.org/project/show/openEuler:22.03:LTS
https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol
openEuler-22.03-LTS Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS/update/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/ob…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 sig 关联仓库 openEuler-22.03-LTS I6VFRX [22.03-LTS][x86/arm]mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler-22.03-LTS I72N5G 【22.03-lts】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败 次要 sig/Base-service php openEuler-22.03-LTS update20230726 I7ORCE 【arm\x86】selinux-policy-base的版本不符合ceph子包的安装条件,ceph子包安装失败; cephadm卸载有异常打印 主要 sig/SDS ceph openEuler-22.03-LTS-SP1 Update 20230802 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP1修复版本已知问题4个,已知漏洞17个。目前版本分支剩余待修复缺陷9个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS SP1 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7P5IQ?from=project-i…
CVE修复: CVE 仓库 score CVE-2023-38426 kernel 9.1 CVE-2022-24834 redis 8.8 CVE-2023-0664 qemu 7.8 CVE-2023-3611 kernel 7.8 CVE-2023-3610 kernel 7.8 CVE-2022-23491 python-certifi 7.5 CVE-2023-37920 python-certifi 7.5 CVE-2023-38408 openssh 7.5 CVE-2023-32248 kernel 7.5 CVE-2023-3567 kernel 6.7 CVE-2023-2163 kernel 6.3 CVE-2023-2861 qemu 6.0 CVE-2022-40896 python-pygments 5.5 CVE-2023-3446 openssl 5.3 CVE-2023-32255 kernel 5.3 CVE-2023-38289 libtiff 3.3 CVE-2023-38288 libtiff 3.3 Bugfix: issue 仓库 #I7PO4V:openEuler-22.03-LTS-SP1 Update引入gcc-7 gcc-7 #I7PO37:openEuler-22.03-LTS-SP1 Update引入lld lld #I7PO1C:openEuler-22.03-LTS-SP1 Update引入openmp openmp #I7PO2D:sysmaster新增到openEuler-22.03-LTS Update 和 openEuler-22.03-LTS-SP1 Update发布 sysmaster openEuler-22.03-LTS SP1版本编译构建信息查询链接:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1:Ep…
openEuler-22.03-LTS SP1 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 标签 关联仓库 openEuler-22.03-LTS-SP1 I7LW30 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in wide_int_to_tree_1, at tree.c:1575) 主要 sig/Compiler gcc openEuler-22.03-LTS-SP1 I7LWCW 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:internal compiler error: Segmentation fault 主要 sig/Compiler gcc openEuler-22.03-LTS-SP1 I7LWK7 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4394) 主要 sig/Compiler gcc openEuler-22.03-LTS-SP1 I7LWO1 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during RTL pass: expand(in convert_move, at expr.c:219) 主要 sig/Compiler gcc openEuler-22.03-LTS-SP1 I7LX07 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4379) 主要 sig/Compiler gcc openEuler 22.03-SP1 I6B4V1 【22.03 SP1 update 20230118】【arm】libhdfs在arm架构降级失败,x86正常 主要 sig/bigdata hadoop openEuler-22.03-LTS-SP1 I6VFV6 [22.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败 次要 sig/DB mariadb openEuler-22.03-LTS-SP1 I73CKF 【22.03-lts-sp1】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败 次要 sig/Base-service php openEuler-22.03-LTS-SP1 update20230726 I7OR2I 【22.03 LTS SP1 update20230726】【arm\x86】selinux-policy-base的版本不符合ceph子包的安装条件,ceph子包安装失败 主要 sig/SDS ceph openEuler-22.03-LTS-SP2 Update 20230802 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP2修复版本已知问题2个,已知漏洞17个。目前版本分支剩余待修复缺陷2个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS-SP2 Update版本CVE修复 及Bugfix list公示链接:
https://gitee.com/openeuler/release-management/issues/I7P66G?from=project-i…
CVE修复: CVE 仓库 score CVE-2023-38426 kernel 9.1 CVE-2022-24834 redis 8.8 CVE-2023-0664 qemu 7.8 CVE-2023-3611 kernel 7.8 CVE-2023-3610 kernel 7.8 CVE-2022-23491 python-certifi 7.5 CVE-2023-37920 python-certifi 7.5 CVE-2023-38408 openssh 7.5 CVE-2023-32248 kernel 7.5 CVE-2023-3567 kernel 6.7 CVE-2023-2163 kernel 6.3 CVE-2023-2861 qemu 6.0 CVE-2022-40896 python-pygments 5.5 CVE-2023-3446 openssl 5.3 CVE-2023-32255 kernel 5.3 CVE-2023-38289 libtiff 3.3 CVE-2023-38288 libtiff 3.3 Bugfix: issue 仓库 #I7NQLN:安装UKUI后无法重新生成grub配置 ukui-themes #I7L3KF:【22.03 -LTS-SP2】安装libvirt软件包后,启动libvirtd有报错,并且会导致环境网络不通 ebtables openEuler-22.03-LTS SP2版本编译构建信息查询链接:
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2:Ep…
openEuler-22.03-LTS SP2 Update版本 发布源链接:
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/update/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/main/
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
openEuler CVE 及 安全公告公示链接:
https://www.openeuler.org/zh/security/cve/
https://www.openeuler.org/zh/security/safety-bulletin/
https://repo.openeuler.org/security/data/cvrf/
openEuler-22.03-LTS-SP2 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): 里程碑 任务ID 任务标题 优先级 标签 关联仓库 openEuler-22.03-LTS-SP2-round-2 I795G3 【22.03-LTS-SP2 round2】本次转测源中出现多个版本的containers-common 主要 sig/sig-CloudNative skopeo openEuler-22.03-LTS-SP2-SEC I7AFIR 【22.03-LTS-SP2 round2】【x86/arm】libkae-1.2.10-6.oe2203sp2安全编译选项Rpath/Runpath不满足 主要 sig/sig-AccLib libkae 社区待修复漏洞: openEuler社区根据漏洞严重等级采取差异化的修复策略,请各个SIG 关注涉及CVE组件的修复情况。 严重等级(Severity Rating) 漏洞修复时长 致命(Critical) 7天 高(High) 14天 中(Medium) 30天 低(Low) 30天
可参考社区安全委员会漏洞:https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE…
近14天将超期CVE(8.6日数据): 漏洞编号 Issue ID 剩余天数 CVSS评分 软件包 责任SIG CVE-2023-39017 I7QM67 5 9.8 quartz sig/sig-Java CVE-2023-4058 I7PRWB 3 9.8 firefox sig/Application CVE-2023-4057 I7PRWR 3 9.8 firefox sig/Application CVE-2023-4056 I7PRX5 3 9.8 firefox sig/Application CVE-2019-9641 I7PDC3 2 9.8 php sig/Base-service CVE-2022-0323 I7Q15A 10 8.8 php sig/Base-service CVE-2023-37268 I7LBRP 8 8.8 mysql sig/Others CVE-2023-37268 I7LBRR 8 8.8 mysql5 sig/DB CVE-2023-2234 I7K4AU 4 8.8 zephyr sig/sig-Zephyr CVE-2022-45855 I7K4B5 4 8.8 ambari sig/bigdata CVE-2022-42009 I7K4BF 4 8.8 ambari sig/bigdata CVE-2023-4004 I7P3TK 7 7.8 kernel sig/Kernel CVE-2023-30577 I7OB1W 4 7.8 amanda sig/Application CVE-2023-4051 I7PRX1 10 7.5 firefox sig/Application CVE-2019-9640 I7PDBJ 8 7.5 php sig/Base-service CVE-2019-9638 I7PDDJ 8 7.5 php sig/Base-service CVE-2019-9639 I7PDDO 8 7.5 php sig/Base-service CVE-2019-9637 I7PDHZ 8 7.5 php sig/Base-service CVE-2023-37463 I7L1Z0 7 7.5 cmark sig/GNOME CVE-2023-29458 I7L0C0 6 7.5 duktape sig/Base-service CVE-2023-0359 I7K4AV 4 7.5 zephyr sig/sig-Zephyr CVE-2023-38285 I7OLHN 4 7.5 mod_security sig/System-tool CVE-2023-29451 I7NYXP 3 7.5 zabbix sig/Base-service CVE-2023-38633 I7N7UT 1 7.5 librsvg2 sig/Desktop CVE-2023-29406 I7KG3Q 5 6.5 perl-Net-HTTP sig/Programming-lang CVE-2023-29455 I7L0C8 6 6.1 zabbix sig/Base-service CVE-2023-29457 I7L0CB 6 6.1 zabbix sig/Base-service CVE-2023-36942 I7OM6K 5 6.1 mysql sig/Others CVE-2023-36942 I7OM6L 5 6.1 mysql5 sig/DB CVE-2023-22053 I7M5UJ 12 5.9 mysql5 sig/DB CVE-2023-22043 I7M5V2 12 5.9 openjdk-latest sig/Compiler CVE-2023-22053 I7M5V8 12 5.9 mysql sig/Others CVE-2023-22043 I7M5VN 12 5.9 openjdk-1.8.0 sig/Compiler CVE-2023-22043 I7M5VO 12 5.9 openjdk-11 sig/Compiler CVE-2023-38403 I7LTYL 11 5.5 iperf3 sig/Application CVE-2023-3648 I7KXE5 6 5.5 wireshark sig/Application CVE-2023-3649 I7KXEB 6 5.5 wireshark sig/Application CVE-2023-25399 I7KM76 5 5.5 scipy sig/Computing CVE-2023-34036 I7LSFV 10 5.3 springframework-hateoas sig/sig-Java CVE-2023-33008 I7LDU0 8 5.3 johnzon sig/sig-Java CVE-2023-22041 I7M5V1 12 5.1 openjdk-latest sig/Compiler CVE-2023-22041 I7M5VL 12 5.1 openjdk-1.8.0 sig/Compiler CVE-2023-22041 I7M5VM 12 5.1 openjdk-11 sig/Compiler CVE-2023-22007 I7M5U1 12 4.9 mysql sig/Others CVE-2023-22056 I7M5UF 12 4.9 mysql sig/Others CVE-2023-22054 I7M5UR 12 4.9 mysql sig/Others CVE-2023-22046 I7M5US 12 4.9 mysql5 sig/DB CVE-2023-22057 I7M5UV 12 4.9 mysql sig/Others CVE-2023-21950 I7M5UW 12 4.9 mysql sig/Others CVE-2023-22008 I7M5V3 12 4.9 mysql sig/Others CVE-2023-22007 I7M5V4 12 4.9 mysql5 sig/DB CVE-2023-22056 I7M5V5 12 4.9 mysql5 sig/DB CVE-2023-22054 I7M5VB 12 4.9 mysql5 sig/DB CVE-2023-22046 I7M5VC 12 4.9 mysql sig/Others CVE-2023-22057 I7M5VF 12 4.9 mysql5 sig/DB CVE-2023-21950 I7M5VG 12 4.9 mysql5 sig/DB CVE-2023-22008 I7M5VP 12 4.9 mysql5 sig/DB CVE-2023-29449 I7L1GD 6 4.9 zabbix sig/Base-service CVE-2023-36940 I7K6GL 4 4.8 mysql sig/Others CVE-2023-36940 I7K6HT 4 4.8 mysql5 sig/DB CVE-2023-22033 I7M5UI 12 4.4 mysql sig/Others CVE-2023-22005 I7M5UT 12 4.4 mysql sig/Others CVE-2023-22058 I7M5UY 12 4.4 mysql5 sig/DB CVE-2023-22033 I7M5V7 12 4.4 mysql5 sig/DB CVE-2023-22005 I7M5VD 12 4.4 mysql5 sig/DB CVE-2023-22058 I7M5VI 12 4.4 mysql sig/Others CVE-2023-22036 I7M5UM 12 3.7 openjdk-latest sig/Compiler CVE-2023-22045 I7M5UU 12 3.7 openjdk-latest sig/Compiler CVE-2023-22049 I7M5UX 12 3.7 openjdk-latest sig/Compiler CVE-2023-22044 I7M5UZ 12 3.7 openjdk-latest sig/Compiler CVE-2023-22036 I7M5V9 12 3.7 openjdk-1.8.0 sig/Compiler CVE-2023-22045 I7M5VE 12 3.7 openjdk-1.8.0 sig/Compiler CVE-2023-22049 I7M5VH 12 3.7 openjdk-1.8.0 sig/Compiler CVE-2023-22044 I7M5VJ 12 3.7 openjdk-1.8.0 sig/Compiler CVE-2023-22036 I7M5VQ 12 3.7 openjdk-11 sig/Compiler CVE-2023-22045 I7M5VS 12 3.7 openjdk-11 sig/Compiler CVE-2023-22049 I7M5VT 12 3.7 openjdk-11 sig/Compiler CVE-2023-22044 I7M5VU 12 3.7 openjdk-11 sig/Compiler CVE-2023-22048 I7M5UH 12 3.1 mysql sig/Others CVE-2023-22006 I7M5V0 12 3.1 openjdk-latest sig/Compiler CVE-2023-22048 I7M5V6 12 3.1 mysql5 sig/DB CVE-2023-22006 I7M5VK 12 3.1 openjdk-1.8.0 sig/Compiler CVE-2023-22006 I7M5VV 12 3.1 openjdk-11 sig/Compiler CVE-2023-22038 I7M5UQ 12 2.7 mysql5 sig/DB CVE-2023-22038 I7M5VA 12 2.7 mysql sig/Others openEuler 社区指导文档及开放平台链接: openEuler 版本分支维护规范:
https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%…
openEuler release-management 版本分支PR指导:
https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%…
社区QA 版本测试提单规范
https://gitee.com/openeuler/QA/blob/master/%E7%A4%BE%E5%8C%BA%E7%89%88%E6%9…
社区QA 测试平台 radiates
https://radiatest.openeuler.org
<
https://radiatest.openeuler.org/
> > From: "update版本发布邮箱"<update(a)openeuler.sh> > Date: Sat, Jul 29, 2023, 15:38 > Subject: openEuler update_20230726版本发布公告 > To: "release"<release(a)openeuler.org>, "dev"<dev(a)openeuler.org>, "qa"<qa(a)openeuler.org>, "sa-announce"<sa-announce(a)openeuler.org> > 主题: openEuler update_20230726版本发布公告 > > Dear all, > 经社区Release SIG、QA SIG及 CICD SIG 评估,openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3、openEuler-22.03-LTS、openEuler-22.03-LTS-SP1及openEuler-22.03-LTS-SP2 update版本满足版本出口质量,现进行发布公示。 > 本公示分为七部分: > 1、openEuler-20.03-LTS-SP1 Update 20230726发布情况及待修复缺陷 > 2、openEuler-20.03-LTS-SP3 Update 20230726发布情况及待修复缺陷 > 3、openEuler-22.03-LTS Update 20230726发布情况及待修复缺陷 > 4、openEuler-22.03-LTS-SP1 Update 20230726发布情况及待修复缺陷 > 5、openEuler-22.03-LTS-SP2 Update 20230726发布情况及待修复缺陷 > 6、openEuler 关键组件待修复CVE 清单 > 7、openEuler 社区指导文档及开放平台链接 > 本次update版本发布后,下一个版本里程碑点(预计在2023/08/02)提供 update_ 20230804 版本。 > > openEuler-20.03-LTS-SP1 Update 20230726 > 经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP1修复版本已知问题2个,已知漏洞16个。目前版本分支剩余待修复缺陷20个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 > > openEuler-20.03-LTS-SP1 Update版本CVE修复 及Bugfix list公示链接: >
https://gitee.com/openeuler/release-management/issues/I7NBS3?from=project-i…
> > CVE修复: > CVE > 仓库 > score > CVE-2021-33294 > elfutils > 2.5 > CVE-2023-33733 > python-reportlab > 7.8 > CVE-2022-45886 > kernel > 7.0 > CVE-2023-3390 > kernel > 7.8 > CVE-2023-35001 > kernel > 7.8 > CVE-2023-34966 > samba > 7.5 > CVE-2023-34967 > samba > 5.3 > CVE-2022-2127 > samba > 5.9 > CVE-2023-37464 > cjose > 8.6 > CVE-2023-3428 > ImageMagick > 6.2 > CVE-2023-3611 > kernel > 7.8 > CVE-2020-23064 > doxygen > 6.1 > CVE-2023-32001 > curl > 5.5 > CVE-2022-22824 > firefox > 9.8 > CVE-2022-22823 > firefox > 9.8 > CVE-2022-22822 > firefox > 9.8 > > > Bugfix: > issue > 仓库 > #I5G81X:【20.03 SP1】selinux-policy卸载异常 > selinux-policy > #I7M52S:【OLK-5.10】kmemleak in mpam_resctrl_cpu_online > kernel > > > openEuler-20.03-LTS-SP1版本编译构建信息查询链接: >
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1
>
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol
> > openEuler-20.03-LTS-SP1 Update版本 发布源链接: >
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/
>
https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/
> > openEuler CVE 及安全公告公示链接: >
https://www.openeuler.org/zh/security/cve/
>
https://www.openeuler.org/zh/security/safety-bulletin/
>
https://repo.openeuler.org/security/data/cvrf/
> > openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): > > > 里程碑 > 任务ID > 任务标题 > 优先级 > sig组 > 关联仓库 > openEuler 20.03-LTS-SP1 > I4J0OY > 【20.03 SP1】【arm/x86】安装好libdap后,getdap4命令的-i和-k参数使用异常 > 主要 > sig/sig-recycle > libdap > openEuler 20.03-LTS-SP1 > I4JMG4 > 【20.03 SP1】【arm/x86】robotframework包的三个命令:libdoc、rebot、robot执行--help/-h/-?/--version,查看帮助信息和版本信息,返回值为251 > 主要 > sig/sig-ROS > python-robotframework > openEuler 20.03-LTS-SP1 > I5DLX7 > [20.03 22.03] 管理员指南操作文档mysql服务搭建指导文档有误 > 主要 > sig/doc > docs > openEuler 20.03LTS SP1 update2103 > I3E5C1 > 【20.03-SP1】【arm/x86】服务启动失败 > 主要 > sig/bigdata > hadoop > openEuler 20.03LTS SP1 update210901 > I48GIM > 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败 > 主要 > sig/oVirt > ovirt-cockpit-sso > openEuler 20.03-LTS-SP1 > I6VFAE > [20.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败 > 次要 > sig/DB > mariadb > openEuler 20.03-LTS-SP1 > I4G4A5 > Undefine-shift in _bfd_safe_read_leb128 > 无优先级 > sig/Base-service > binutils > openEuler 20.03-LTS-SP1 > I4G4B1 > Integer overflow in print_vms_time > 无优先级 > sig/Base-service > binutils > openEuler 20.03-LTS-SP1 > I4G4VY > memleak in parse_gnu_debugaltlink > 无优先级 > sig/Base-service > binutils > openEuler 20.03-LTS-SP1 > I4G4WF > Heap-buffer-overflow in slurp_hppa_unwind_table > 无优先级 > sig/Base-service > binutils > openEuler 20.03-LTS-SP1 > I4G4WW > Use-after-free in make_qualified_name > 无优先级 > sig/Base-service > binutils > openEuler 20.03-LTS-SP1 > I4G4X6 > memleak in byte_get_little_endian > 无优先级 > sig/Base-service > binutils > openEuler 20.03-LTS-SP1 > I4G4XF > memleak in process_mips_specific > 无优先级 > sig/Base-service > binutils > openEuler 20.03-LTS-SP1 > I4G4Y0 > out-of-memory in vms_lib_read_index > 无优先级 > sig/Base-service > binutils > openEuler 20.03-LTS-SP1 > I4G4YJ > Heap-buffer-overflow in bfd_getl16 > 无优先级 > sig/Base-service > binutils > openEuler 20.03-LTS-SP1 > I4G4YV > Floating point exception in _bfd_vms_slurp_etir > 无优先级 > sig/Base-service > binutils > openEuler 20.03LTS SP1 update210926 > I4CMSV > 【20.03-LTS-SP1】【arm/x86】搭建Kubernetes 集群缺少包etcd > 无优先级 > sig/TC > community > openEuler 20.03LTS SP1 update220111 > I4QV6N > 【openEuler-20.03-LTS-SP1】flink命令执行失败 > 无优先级 > sig/sig-ai-bigdata > flink > openEuler-20.03-LTS-SP1 > I3QGU7 > 系统不支持GB18030 > 无优先级 > sig/TC > community > openEuler-20.03-LTS-SP1-dailybuild > I5Y99T > mate-desktop install problem in openEuler:20:03:LTS:SP1 > 无优先级 > sig/sig-mate-desktop > mate-desktop > > > openEuler-20.03-LTS-SP3 Update 20230726 > 经各SIG及社区开发者贡献,本周openEuler-20.03-LTS-SP3修复版本已知问2个,已知漏洞15个。目前版本分支剩余待修复缺陷 7个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 > > openEuler-20.03-LTS-SP3 Update版本CVE修复 及Bugfix list公示链接: >
https://gitee.com/openeuler/release-management/issues/I7NBS4?from=project-i…
> > CVE修复: > CVE > 仓库 > score > CVE-2023-33733 > python-reportlab > 7.8 > CVE-2022-45886 > kernel > 7.0 > CVE-2023-3390 > kernel > 7.8 > CVE-2023-35001 > kernel > 7.8 > CVE-2023-3428 > ImageMagick > 6.2 > CVE-2023-34966 > samba > 7.5 > CVE-2023-34967 > samba > 5.3 > CVE-2022-2127 > samba > 5.9 > CVE-2023-37464 > cjose > 8.6 > CVE-2021-33294 > elfutils > 2.5 > CVE-2020-23064 > doxygen > 6.1 > CVE-2023-32001 > curl > 5.5 > CVE-2022-22824 > firefox > 9.8 > CVE-2022-22823 > firefox > 9.8 > CVE-2022-22822 > firefox > 9.8 > > > Bugfix: > issue > 仓库 > #I5SCLC:【20.03 SP3】selinux-policy卸载异常 > selinux-policy > #I7M52S:【OLK-5.10】kmemleak in mpam_resctrl_cpu_online > kernel > > > openEuler-20.03-LTS-SP3版本编译构建信息查询链接: >
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3
>
https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol
> > openEuler-20.03-LTS-SP3 Update版本 发布源链接: >
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/
>
https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/
> > openEuler CVE及安全公告公示链接: >
https://www.openeuler.org/zh/security/cve/
>
https://www.openeuler.org/zh/security/safety-bulletin/
>
https://repo.openeuler.org/security/data/cvrf/
> > > openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): > 里程碑 > 任务ID > 任务标题 > 优先级 > sig组 > 关联仓库 > openEuler 20.03 LTS SP3 update20220801 > I5LYJK > 【20.03-sp3_update20220801】【x86】对内核版进行升级后,TCP_option_address安装异常 > 主要 > sig/Kernel > TCP_option_address > openEuler 20.03-LTS-SP3 > I5KXUY > 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败 > 主要 > sig/oVirt > ovirt-cockpit-sso > openEuler-20.03-LTS-SP3 > I5KY4S > 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败,导致mom-vdsm.service服务无法启动成功 > 主要 > sig/oVirt > vdsm > openEuler-20.03-LTS-SP3 > I72EAT > 【20.03 SP3】php相关包在20.03 LTS SP3降级失败 > 主要 > sig/Base-service > php > openEuler 20.03LTS SP3 update220111 > I4QV7S > 【openEuler-20.03-LTS-SP3】flink run 命令执行失败 > 无优先级 > sig/sig-ai-bigdata > flink > openEuler-20.03-LTS-SP3 > I6VFMI > [20.03 SP3] [x86/arm] mariadb授权给远程用户,远程连接服务失败 > 次要 > sig/DB > mariadb > openEuler-20.03-LTS-SP3 > I72HWV > 【20.03-lts-sp3】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败 > 次要 > sig/Base-service > php > > > openEuler-22.03-LTS Update 20230726 > 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS修复版本已知问题5个,已知漏洞10个。目前版本分支剩余待修复缺陷5个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 > > > openEuler-22.03-LTS Update版本CVE修复 及Bugfix list公示链接: >
https://gitee.com/openeuler/release-management/issues/I7NBS6?from=project-i…
> > CVE修复: > CVE > 仓库 > score > CVE-2023-33733 > python-reportlab > 7.8 > CVE-2022-45886 > kernel > 7.0 > CVE-2023-3390 > kernel > 7.8 > CVE-2023-35001 > kernel > 7.8 > CVE-2023-34966 > samba > 7.5 > CVE-2023-34967 > samba > 5.3 > CVE-2022-2127 > samba > 5.9 > CVE-2023-3428 > ImageMagick > 6.2 > CVE-2023-37464 > cjose > 8.6 > CVE-2023-32001 > curl > 5.5 > > > Bugfix: > issue > 仓库 > #I7I0TJ:libcurl 使用http代理场景下可能出现double free问题 > curl > #I612UG:hulk昇腾特性补丁回合 > kernel > #I7MBX6:upgrade to jdk11.0.20-ga > openjdk-11 > #I7OE6Z:删除Obsoletes,取消包冲突 > zbar > #I7OEV1:adwaita-qt spec中changelog中release错误 > adwaita-qt > > > openEuler-22.03-LTS版本编译构建信息查询链接: >
https://build.openeuler.org/project/show/openEuler:22.03:LTS
>
https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol
> > openEuler-22.03-LTS Update版本 发布源链接: >
https://repo.openeuler.org/openEuler-22.03-LTS/update/
>
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/
>
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
>
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op…
>
https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/ob…
> > openEuler CVE 及 安全公告公示链接: >
https://www.openeuler.org/zh/security/cve/
>
https://www.openeuler.org/zh/security/safety-bulletin/
>
https://repo.openeuler.org/security/data/cvrf/
> > openEuler-22.03-LTS Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): > 里程碑 > 任务ID > 任务标题 > 优先级 > sig > 关联仓库 > openEuler-22.03-LTS > I5RHYO > 【22.09 RC4】【arm/x86】package.ini中的redis_host配置为不存在的ip,重启pkgship服务失败,服务一直在尝试重启 > 主要 > sig/sig-EasyLife > pkgship > openEuler-22.03-LTS > I7HH1A > 【22.03 LTS update20230628】qemu缺少安装依赖,安装失败 > 主要 > sig/Virt > qemu > openEuler-22.03-LTS > I6VFRX > [22.03-LTS][x86/arm]mariadb授权给远程用户,远程连接服务失败 > 次要 > sig/DB > mariadb > openEuler-22.03-LTS > I72N5G > 【22.03-lts】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败 > 次要 > sig/Base-service > php > openEuler-22.03-LTS > I5M4N4 > 【22.03 LTS update 20220811】【arm/x86】openstack-ironic-inspector-conductor.service服务start失败 > 次要 > sig/sig-openstack > openstack-ironic-inspector > > > openEuler-22.03-LTS-SP1 Update 20230726 > 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP1修复版本已知问题3个,已知漏洞14个。目前版本分支剩余待修复缺陷8个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 > > > openEuler-22.03-LTS SP1 Update版本CVE修复 及Bugfix list公示链接: >
https://gitee.com/openeuler/release-management/issues/I7NBS0?from=project-i…
> > > CVE修复: > CVE > 仓库 > score > CVE-2023-37464 > cjose > 8.6 > CVE-2023-33733 > python-reportlab > 7.8 > CVE-2023-3428 > ImageMagick > 6.2 > CVE-2023-34966 > samba > 7.5 > CVE-2023-34967 > samba > 5.3 > CVE-2023-3347 > samba > 5.9 > CVE-2022-2127 > samba > 5.9 > CVE-2022-45886 > kernel > 7.0 > CVE-2023-3390 > kernel > 7.8 > CVE-2023-35001 > kernel > 7.8 > CVE-2023-32248 > kernel > 1 > CVE-2023-32255 > kernel > 1 > CVE-2023-3567 > kernel > 1 > CVE-2023-32001 > curl > 5.5 > > > Bugfix: > issue > 仓库 > #I7I0TJ:libcurl 使用http代理场景下可能出现double free问题 > curl > #I7M991:【OLK-5.10】WARNING: refcount bug in addrconf_ifdown > kernel > #I7OEV1:adwaita-qt spec中changelog中release错误 > adwaita-qt > > > openEuler-22.03-LTS SP1版本编译构建信息查询链接: >
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1
>
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP1:Ep…
> > openEuler-22.03-LTS SP1 Update版本 发布源链接: >
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/update/
>
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/main/
>
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
>
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
>
https://repo.openeuler.org/openEuler-22.03-LTS-SP1/EPOL/update/multi_versio…
> > openEuler CVE 及 安全公告公示链接: >
https://www.openeuler.org/zh/security/cve/
>
https://www.openeuler.org/zh/security/safety-bulletin/
>
https://repo.openeuler.org/security/data/cvrf/
> > openEuler-22.03-LTS-SP1 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): > 序号 > 里程碑 > 任务ID > 任务标题 > 优先级 > 标签 > 关联仓库 > 1 > openEuler-22.03-LTS-SP1 > I7LW30 > 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in wide_int_to_tree_1, at tree.c:1575) > 主要 > sig/Compiler > openEuler/gcc > 2 > openEuler-22.03-LTS-SP1 > I7LWCW > 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:internal compiler error: Segmentation fault > 主要 > sig/Compiler > openEuler/gcc > 3 > openEuler-22.03-LTS-SP1 > I7LWK7 > 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4394) > 主要 > sig/Compiler > openEuler/gcc > 4 > openEuler-22.03-LTS-SP1 > I7LWO1 > 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during RTL pass: expand(in convert_move, at expr.c:219) > 主要 > sig/Compiler > openEuler/gcc > 5 > openEuler-22.03-LTS-SP1 > I7LX07 > 【arm】-O3 -flto-partition=one -fipa-struct-reorg -fwhole-program编译ICE:during IPA pass: struct_reorg(in get_type_field, at ipa-struct-reorg/ipa-struct-reorg.c:4379) > 主要 > sig/Compiler > openEuler/gcc > 6 > openEuler 22.03-SP1 > I6B4V1 > 【22.03 SP1 update 20230118】【arm】libhdfs在arm架构降级失败,x86正常 > 主要 > sig/bigdata > src-openEuler/hadoop > 7 > openEuler-22.03-LTS-SP1 > I6VFV6 > [22.03 SP1] [x86/arm] mariadb授权给远程用户,远程连接服务失败 > 次要 > sig/DB > src-openEuler/mariadb > 8 > openEuler-22.03-LTS-SP1 > I73CKF > 【22.03-lts-sp1】x86环境上同时安装php-fpm软件包和php-opcache软件包后会导致php-fpm.service服务启动失败 > 次要 > sig/Base-service > src-openEuler/php > > > > > openEuler-22.03-LTS-SP2 Update 20230726 > 经各SIG及社区开发者贡献,本周openEuler-22.03-LTS-SP2修复版本已知问题4个,已知漏洞11个。目前版本分支剩余待修复缺陷3个,缺陷/漏洞统计详见清单,缺陷/漏洞问题详见各软件包源码仓库 > > openEuler-22.03-LTS-SP2 Update版本CVE修复 及Bugfix list公示链接: >
https://gitee.com/openeuler/release-management/issues/I7NCCX?from=project-i…
> > > CVE修复: > CVE > 仓库 > score > CVE-2023-33733 > python-reportlab > 7.8 > CVE-2023-37464 > cjose > 8.6 > CVE-2023-34966 > samba > 7.5 > CVE-2023-34967 > samba > 5.3 > CVE-2023-3347 > samba > 5.9 > CVE-2022-2127 > samba > 5.9 > CVE-2023-3428 > ImageMagick > 6.2 > CVE-2022-45886 > kernel > 7.0 > CVE-2023-3390 > kernel > 7.8 > CVE-2023-35001 > kernel > 7.8 > CVE-2023-32001 > curl > 5.5 > > > Bugfix: > issue > 仓库 > #I7KF71:rpm包内文件遗漏 > A-FOT > #I7I0TJ:libcurl 使用http代理场景下可能出现double free问题 > curl > #I7M991:【OLK-5.10】WARNING: refcount bug in addrconf_ifdown > kernel > #I7OEV1:adwaita-qt spec中changelog中release错误 > adwaita-qt > > > openEuler-22.03-LTS SP2版本编译构建信息查询链接: >
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2
>
https://build.openeuler.openatom.cn/project/show/openEuler:22.03:LTS:SP2:Ep…
> > openEuler-22.03-LTS SP2 Update版本 发布源链接: >
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/update/
>
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/main/
>
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
>
https://repo.openeuler.org/openEuler-22.03-LTS-SP2/EPOL/update/multi_versio…
> > openEuler CVE 及 安全公告公示链接: >
https://www.openeuler.org/zh/security/cve/
>
https://www.openeuler.org/zh/security/safety-bulletin/
>
https://repo.openeuler.org/security/data/cvrf/
> > > openEuler-22.03-LTS-SP2 Update版本待修复问题清单公示(任务ID标注红色的问题单优先级高): > 序号 > 里程碑 > 任务ID > 任务标题 > 优先级 > 标签 > 关联仓库 > 1 > openEuler-22.03-LTS-SP2 > I7L3KF > 【22.03 -LTS-SP2】安装libvirt软件包后,启动libvirtd有报错,并且会导致环境网络不通 > 严重 > sig/Virt,block > src-openEuler/libvirt > 2 > openEuler-22.03-LTS-SP2-round-2 > I795G3 > 【22.03-LTS-SP2 round2】本次转测源中出现多个版本的containers-common > 主要 > sig/sig-CloudNative > src-openEuler/skopeo > 3 > openEuler-22.03-LTS-SP2-SEC > I7AFIR > 【22.03-LTS-SP2 round2】【x86/arm】libkae-1.2.10-6.oe2203sp2安全编译选项Rpath/Runpath不满足 > 主要 > sig/sig-AccLib > src-openEuler/libkae > > > 社区待修复漏洞: > openEuler社区根据漏洞严重等级采取差异化的修复策略,请各个SIG 关注涉及CVE组件的修复情况。 > 严重等级(Severity Rating) > 漏洞修复时长 > 致命(Critical) > 7天 > 高(High) > 14天 > 中(Medium) > 30天 > 低(Low) > 30天 > >
可参考社区安全委员会漏洞:https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE…
> > 近14天将超期CVE(7.22日数据): > 漏洞编号 > Issue ID > 剩余天数 > CVSS评分 > 软件包 > 责任SIG > CVE-2023-38427 > I7LU2Q > 5.58 > 9.8 > kernel > Kernel > CVE-2023-38429 > I7LU2I > 5.58 > 9.8 > kernel > Kernel > CVE-2023-38432 > I7LU3O > 5.58 > 9.1 > kernel > Kernel > CVE-2023-38428 > I7LU3D > 5.58 > 9.1 > kernel > Kernel > CVE-2023-38430 > I7LU2S > 5.58 > 9.1 > kernel > Kernel > CVE-2023-38426 > I7LU2N > 5.58 > 9.1 > kernel > Kernel > CVE-2023-38431 > I7LU2G > 5.58 > 9.1 > kernel > Kernel > CVE-2022-24834 > I7KR7L > 11.06 > 8.8 > redis5 > sig-bigdata > CVE-2022-24834 > I7KR7K > 11.06 > 8.8 > redis > Others > CVE-2022-24834 > I7KR7J > 11.06 > 8.8 > python-redis > Base-service > CVE-2023-37650 > I7OB2V > 12.06 > 8.8 > cockpit > Desktop > CVE-2023-37460 > I7NYZD > 11.06 > 8.1 > plexus-archiver > sig-Java > CVE-2023-1902 > I7K4AS > 2.56 > 8.0 > zephyr > sig-Zephyr > CVE-2023-3776 > I7N3N3 > 7.06 > 7.8 > kernel > Kernel > CVE-2023-3609 > I7N3N2 > 7.06 > 7.8 > kernel > Kernel > CVE-2023-3610 > I7N3N1 > 7.06 > 7.8 > kernel > Kernel > CVE-2023-3611 > I7N3MX > 7.06 > 7.8 > kernel > Kernel > CVE-2023-21255 > I7L0Z9 > 10.56 > 7.8 > kernel > Kernel > CVE-2023-0664 > I6GQEK > 11.56 > 7.8 > qemu > Virt > CVE-2023-3812 > I7MRMH > 12.58 > 7.8 > kernel > Kernel > CVE-2022-33064 > I7M5IV > 12.58 > 7.8 > libsndfile > Computing > CVE-2019-9024 > I7MED5 > 4.56 > 7.5 > php > Base-service > CVE-2023-29451 > I7NYXP > 10.49 > 7.5 > zabbix > Base-service > CVE-2023-38197 > I7KUEO > 10.56 > 7.5 > qt > Runtime > CVE-2023-37920 > I7NYZI > 11.06 > 7.5 > python-certifi > sig-python-modules > CVE-2021-31294 > I7LFQT > 11.06 > 7.5 > redis6 > sig-bigdata > CVE-2021-31294 > I7LFQS > 11.06 > 7.5 > redis5 > sig-bigdata > CVE-2021-31294 > I7LFQQ > 11.56 > 7.5 > redis > Others > CVE-2021-31294 > I7LFQO > 11.56 > 7.5 > python-redis > Base-service > CVE-2023-37649 > I7OB2W > 12.06 > 7.5 > cockpit > Desktop > CVE-2022-41409 > I7OGVS > 12.58 > 7.5 > pcre2 > Base-service > CVE-2023-2234 > I7K4AU > 12.06 > 6.8 > zephyr > sig-Zephyr > CVE-2023-37207 > I7IG0Q > 12.56 > 6.5 > thunderbird > sig-desktop-apps > CVE-2022-42009 > I7K4BF > 12.06 > 6.3 > ambari > sig-bigdata > CVE-2022-45855 > I7K4B5 > 12.06 > 6.3 > ambari > sig-bigdata > CVE-2023-0359 > I7K4AV > 12.06 > 5.9 > zephyr > sig-Zephyr > CVE-2023-36191 > I7FEZH > 1.56 > 5.5 > sqlite > DB > CVE-2023-36146 > I7H9RK > 9.06 > 5.4 > raspberrypi-firmware > sig-RaspberryPi > CVE-2021-28163 > I7K14F > 11.81 > 2.7 > jetty > sig-Java > > > > > openEuler 社区指导文档及开放平台链接: > > > openEuler 版本分支维护规范: >
https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%…
> openEuler release-management 版本分支PR指导: >
https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%…
> 社区QA 版本测试提单规范 >
https://gitee.com/openeuler/QA/blob/master/%E7%A4%BE%E5%8C%BA%E7%89%88%E6%9…
> 社区QA 测试平台 radiates >
https://radiatest.openeuler.org
<
https://radiatest.openeuler.org/
> > > > > > > > >
1
0
0
0
Results per page:
10
25
50
100
200