- Sa-announce - mailweb.openeuler.org

openEuler update_20230405版本发布公告
by muyuying 13 Apr '23

13 Apr '23

Dear all，因上周清明假期，上周的版本（update_20230405）发布时间延期至本周，请谅解。经社区Release SIG、QA SIG及 CICD SIG 评估，openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3及openEuler-22.03-LTS update版本满足版本出口质量，现进行发布公示。本公示分为五部分： 1、openEuler-20.03-LTS-SP1 Update 20230405发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20230405发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20230405发布情况及待修复缺陷 4、openEuler-22.03-LTS-SP1 Update 20230405发布情况及待修复缺陷 5、openEuler 关键组件待修复CVE 清单 6、openEuler 社区指导文档及开放平台链接本次update版本发布后，下一个版本里程碑点（预计在2023/04/16）提供 update_ 20230412 版本。 openEuler-20.03-LTS-SP1 Update 20230405 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP1修复版本已知问题1个，已知漏洞15个。目前版本分支剩余待修复缺陷35个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6SC7U?from=project-i… CVE修复： CVE 仓库 score CVE-2023-28487 sudo 5.3 CVE-2023-28486 sudo 5.3 CVE-2023-0466 openssl 5.6 CVE-2023-0465 openssl 5.6 CVE-2023-0464 openssl 7.5 CVE-2023-25180 glib2 6.2 CVE-2023-24593 glib2 6.2 CVE-2023-1370 json-smart 7.5 CVE-2023-1108 undertow 7.5 CVE-2018-16438 hdf5 8.8 CVE-2018-14031 hdf5 8.8 CVE-2023-28772 kernel 7.8 CVE-2023-28328 kernel 5.5 CVE-2023-1513 kernel 7.5 CVE-2023-1380 kernel 6.6 Bugfix： issue 仓库 #I6SMBI:ext4 buffer部分写可能导致idisk_size大于i_size kernel openEuler-20.03-LTS-SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol openEuler-20.03-LTS-SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I281C1 【fuzz】runtime error: libsass Base-service I437CR [SP1][arm/x86]obs-server包下11个服务启动关闭，出现报错 obs-server Others I43OSX [clamav] 执行clamscan --statistics pcre命令会出现error，但是最终返回码为0 clamav Others I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I4G4A5 Undefine-shift in _bfd_safe_read_leb128 binutils Compiler I4G4B1 Integer overflow in print_vms_time binutils Compiler I4G4VY memleak in parse_gnu_debugaltlink binutils Compiler I4G4WF Heap-buffer-overflow in slurp_hppa_unwind_table binutils Compiler I4G4WW Use-after-free in make_qualified_name binutils Compiler I4G4X6 memleak in byte_get_little_endian binutils Compiler I4G4XF memleak in process_mips_specific binutils Compiler I4G4Y0 out-of-memory in vms_lib_read_index binutils Compiler I4G4YJ Heap-buffer-overflow in bfd_getl16 binutils Compiler I4G4YV Floating point exception in _bfd_vms_slurp_etir binutils Compiler I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后，getdap4命令的-i和-k参数使用异常 libdap sig-recycle I4JMG4 【20.03 SP1】【arm/x86】robotframework包的三个命令：libdoc、rebot、robot执行--help/-h/-?/--version，查看帮助信息和版本信息，返回值为251 python-robotframework sig-ROS I4K6ES stack-buffer-overflow in UINT32_Marshal libtpms sig-security-facility I4K6FU global-buffer-overflow in Array_Marshal libtpms sig-security-facility I4O16Z 【SP1_update/arm】安装kernel-4.19.90-2108版本有错误提示信息 kernel Kernel I4QV6N 【openEuler-20.03-LTS-SP1】flink命令执行失败 flink sig-bigdata I5IG1V 【20.03-SP1】【x86/arm】epol源下的efl、efl-devel软件包安装报错，gpg检查失败 efl sig-compat-winapp I5IG6K 【20.03-SP1】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5JHX2 【20.03 SP1 update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I6975Y 【arm】--enable-bootstrap构建gcc失败 gcc Compiler I6AASB 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler I6AZZU 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler I6CBNA 【20.03 sp1 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CKZE 【arm】【deja】使用22.03 LTS-SP1发布源gcc 出现编译ICE:during GIMPLE pass: reassoc:internal compiler error: Segmentation fault gcc Compiler I6DRDY 【x86】【spec2017】-O3 -fipa-struct-reorg=5编译子项失败 gcc Compiler I6DUTF [22.03sp1lts][arm/x86] obsredis.service服务启动失败 obs-server Others I6EUHB create_gcov在kernel6.1上执行报错 autofdo Compiler I6FQCO 【22.03-LTS-SP1】【x86/arm】opengauss缺少安装依赖lsof opengauss-server DB I6I438 【x86】【deja】汇编失败：unsupported masking for `vcvtps2ph' gcc Compiler I6I47O 【x86】【deja】运行出现Segmentation fault gcc Compiler I6O19D 【20.03 sp1 udpate 0315 】irb-jruby命令执行报错 jruby sig-ruby openEuler-20.03-LTS-SP3 Update 20230405 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP3修复版本已知问1个，已知漏洞13个。目前版本分支剩余待修复缺陷 12个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6SC7V?from=project-i… CVE修复：需求类型软件包优先级 CVE-2018-14031 hdf5 8.8 CVE-2018-16438 hdf5 8.8 CVE-2023-28487 sudo 5.3 CVE-2023-28486 sudo 5.3 CVE-2023-28328 kernel 5.5 CVE-2023-1380 kernel 6.6 CVE-2023-1513 kernel 7.5 CVE-2023-0464 openssl 7.5 CVE-2023-0465 openssl 5.6 CVE-2023-0466 openssl 5.6 CVE-2023-25180 glib2 6.2 CVE-2023-24593 glib2 6.2 CVE-2023-1108 undertow 7.5 Bugfix： issue 仓库 #I6SMBI:ext4 buffer部分写可能导致idisk_size大于i_size kernel openEuler-20.03-LTS-SP3版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol openEuler-20.03-LTS-SP3 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败 flink sig-bigdata I4UMEV [openEuler 20.03-LTS SP3]openEuler开启crash_kexec_post_notifiers后，panic通知链无法完全遍历 kernel Kernel I5IGAS 【20.03-SP3】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5IGOR 【20.03-SP3】【x86/arm】epol源下的fluidsynth、fluidsynth-devel、fluidsynth-help软件包安装报错，gpg检查失败 fluidsynth Application I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败，导致mom-vdsm.service服务无法启动成功 vdsm oVirt I5LYJK 【20.03-sp3_update20220801】【x86】对内核版进行升级后，TCP_option_address安装异常 TCP_option_address Kernel I5XDXJ openeuler：20.03-sp3下lua-lunit0.5和lua5.3不匹配 mugen sig-QA I613DI 【20.03 SP3】当前最新版本的kernel、 oec-hardware、 openEuler-release三个包同时安装，虚拟机启动失败 openEuler-release Base-service I61LEV 【20.03 LTS SP3】【arm/x86】安装oscilloscope，然后执行oscilloscope -h报错 tuna Others I66BBJ [20.03-LTS-SP3]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I6CBL7 【20.03 sp3 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service openEuler-22.03-LTS Update 20230405 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题1个，已知漏洞16个。目前版本分支剩余待修复缺陷8个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6SC7W?from=project-i… CVE修复： CVE 仓库 score CVE-2023-28487 sudo 5.3 CVE-2023-28486 sudo 5.3 CVE-2018-14031 hdf5 8.8 CVE-2018-16438 hdf5 8.8 CVE-2022-29901 kernel 6.5 CVE-2022-4269 kernel 5.5 CVE-2023-28327 kernel 5.5 CVE-2023-28328 kernel 5.5 CVE-2023-1380 kernel 6.6 CVE-2023-1513 kernel 7.5 CVE-2023-0464 openssl 7.5 CVE-2023-0465 openssl 5.6 CVE-2023-0466 openssl 5.6 CVE-2023-25180 glib2 6.2 CVE-2023-24593 glib2 6.2 CVE-2023-1108 undertow 7.5 Bugfix： issue 仓库 #I6SFHJ:开源主线网络补丁回合 kernel openEuler-22.03-LTS版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS Update版本待修复问题清单公示：任务ID 任务标题关联仓库 sig I5JIA6 【22.03 LTS update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I5JPII 【22.03_update20220727】【x86/arm】ovirt-engine源码包本地自编译失败，缺少编译依赖ovirt-jboss-modules-maven-plugin ovirt-engine oVirt I665SM resize2fs出现csum不一致 kernel Kernel I66BDE [22.03-LTS]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I66KIH 【22.03 LTS update 20221214】【arm/x86】openstack-ironic-inspector.service服务stop失败 openstack-ironic-inspector sig-openstack I677QX 【22.03-LTS】【x86/arm】安装opengauss-server时报未找不着lsof命令错误 opengauss-server DB I6CBPQ 【22.03 lts udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6O1CK 【22.03 lts udpate 0315 】irb-jruby命令执行报错 jruby sig-ruby openEuler-22.03-LTS SP1 Update 20230405 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题1个，已知漏洞22个。目前版本分支剩余待修复缺陷11个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6SC7T?from=project-i… CVE修复： CVE 仓库 score CVE-2018-14031 hdf5 8.8 CVE-2018-16438 hdf5 8.8 CVE-2023-28487 sudo 5.3 CVE-2023-28486 sudo 5.3 CVE-2023-23004 kernel 5.5 CVE-2023-1249 kernel 5.5 CVE-2023-28327 kernel 5.5 CVE-2023-28328 kernel 5.5 CVE-2023-1380 kernel 6.6 CVE-2023-28466 kernel 7 CVE-2022-48424 kernel 7.8 CVE-2022-48423 kernel 7.8 CVE-2022-48425 kernel 7.8 CVE-2023-1281 kernel 7.8 CVE-2023-25809 runc 5 CVE-2023-0466 openssl 5.6 CVE-2023-0465 openssl 5.6 CVE-2023-24593 glib2 6.2 CVE-2023-25180 glib2 6.2 CVE-2023-0464 openssl 7.5 CVE-2023-1513 kernel 7.5 CVE-2023-1108 undertow 7.5 Bugfix： issue 仓库 #I6SFHJ:开源主线网络补丁回合 kernel openEuler-22.03-LTS SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 sig I6975Y 【arm】--enable-bootstrap构建gcc失败 gcc Compiler I6AASB 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler I6AZZU 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler I6CBPN 【22.03 lts sp1 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CKZE 【arm】【deja】使用22.03 LTS-SP1发布源gcc 出现编译ICE:during GIMPLE pass: reassoc:internal compiler error: Segmentation fault gcc Compiler I6DRDY 【x86】【spec2017】-O3 -fipa-struct-reorg=5编译子项失败 gcc Compiler I6DUTF [22.03sp1lts][arm/x86] obsredis.service服务启动失败 obs-server Others I6EUHB create_gcov在kernel6.1上执行报错 autofdo Compiler I6FQCO 【22.03-LTS-SP1】【x86/arm】opengauss缺少安装依赖lsof opengauss-server DB I6I438 【x86】【deja】汇编失败：unsupported masking for `vcvtps2ph' gcc Compiler I6I47O 【x86】【deja】运行出现Segmentation fault gcc Compiler 社区待修复漏洞： openEuler社区根据漏洞严重等级采取差异化的修复策略，请各个SIG 关注涉及CVE组件的修复情况。严重等级（Severity Rating）漏洞修复时长致命（Critical） 7天高（High） 14天中（Medium） 30天低（Low） 30天可参考社区安全委员会漏洞：https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE… 近14天将超期CVE（4.13日数据）: 漏洞编号 Issue ID 剩余天数 CVSS评分软件包责任SIG CVE-2023-1390 I6N7CV 0.49 6.5 risc-v-kernel sig-RISC-V CVE-2023-28176 I6N797 0.49 0.0 firefox Application CVE-2023-28159 I6N78R 0.49 0.0 firefox Application CVE-2023-28161 I6N8CG 0.52 0.0 firefox Application CVE-2023-28160 I6N89T 0.52 0.0 firefox Application CVE-2023-28164 I6N87J 0.52 6.1 firefox Application CVE-2023-28162 I6N860 0.52 0.0 firefox Application CVE-2023-28177 I6N8JV 0.53 0.0 firefox Application CVE-2023-28163 I6N8EY 0.53 0.0 firefox Application CVE-2023-25751 I6N97Z 0.55 0.0 firefox Application CVE-2023-25752 I6N96P 0.55 6.1 firefox Application CVE-2023-25750 I6N96C 0.55 0.0 firefox Application CVE-2023-25748 I6N965 0.55 0.0 firefox Application CVE-2023-25749 I6N960 0.55 0.0 firefox Application CVE-2023-26485 I6S7WH 2.0 7.5 cmark 　 CVE-2023-24824 I6S7WF 2.0 7.5 cmark 　 CVE-2023-27593 I6O473 3.04 5.5 cilium sig-high-performance-network CVE-2023-26916 I6SX7D 4.73 7.5 libyang sig-high-performance-network CVE-2023-1838 I6T1EZ 5.23 7.1 risc-v-kernel sig-RISC-V CVE-2023-24534 I6T1HL 5.36 7.5 golang sig-golang CVE-2023-24537 I6T1HJ 5.36 8.1 golang sig-golang CVE-2022-4900 I6OOSB 5.98 0.0 php Base-service CVE-2023-28840 I6T4RE 6.0 7.5 moby 　 CVE-2023-28840 I6T4RC 6.0 7.5 docker sig-CloudNative CVE-2023-28425 I6OW4W 6.72 5.5 redis5 sig-bigdata CVE-2023-28425 I6OW46 6.72 5.5 redis Others CVE-2023-28425 I6OW3K 6.72 5.5 python-redis Base-service CVE-2023-28425 I6OW2W 6.72 5.5 redis6 sig-bigdata CVE-2023-1544 I6OZK3 6.85 5.5 qemu Virt CVE-2023-28708 I6PBXT 7.89 4.3 tomcat Application CVE-2023-1583 I6PDF8 8.22 5.5 risc-v-kernel sig-RISC-V CVE-2023-23913 I6PDIP 8.39 0.0 rubygem-rails sig-ruby CVE-2023-1410 I6PLY9 8.76 4.8 grafana Application CVE-2023-0160 I6PPPN 9.0 0.0 risc-v-kernel sig-RISC-V CVE-2023-0870 I6PQ87 9.11 6.7 openstack-horizon sig-openstack CVE-2023-1611 I6PQCU 9.24 6.3 risc-v-kernel sig-RISC-V CVE-2021-3923 I6Q365 10.27 2.3 risc-v-kernel sig-RISC-V CVE-2023-1625 I6Q3J1 10.47 0.0 openstack-heat sig-openstack CVE-2023-1637 I6QEZ5 12.37 5.5 risc-v-kernel sig-RISC-V CVE-2023-28866 I6QHVX 12.52 5.3 risc-v-kernel sig-RISC-V CVE-2023-28859 I6QRYO 12.99 6.5 redis6 sig-bigdata CVE-2023-28859 I6QRYL 12.99 6.5 redis5 sig-bigdata CVE-2023-28859 I6QRYK 12.99 6.5 redis Others CVE-2023-28859 I6QRYH 12.99 6.5 python-redis Base-service CVE-2023-25661 I6QSNP 13.14 6.5 tensorflow sig-ai CVE-2022-39188 I5QVT3 13.81 4.7 kernel Kernel openEuler 社区指导文档及开放平台链接： openEuler 版本分支维护规范： https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%… openEuler release-management 版本分支PR指导： https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%… 社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/839f952696f271f83c018ccf3218cf493b92d65… 社区QA 测试平台 radiates https://radiatest.openeuler.org<https://radiatest.openeuler.org/> 沐钰莹（openEuler release SIG） Mobile: +86 15651995918 中国(China)-杭州(Hangzhou)-滨江区江淑路360号华为杭州研发中心 HUAWEI , Jiangshu Road., Binjiang District, Hangzhou, P.R.China E-mail: muyuying1(a)huawei.com<mailto:muyuying1@huawei.com> [cid:image002.png@01D95F4C.8C3691C0]Open Source OS for Digital Infrastructure 本邮件及其附件含有华为公司的保密信息，仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形式使用（包括但不限于全部或部分地泄露、复制、或散发）本邮件中的信息。如果您错收了本邮件，请您立即电话或邮件通知发件人并删除本邮件！ This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it

1 0

openEuler update_20230329版本发布公告
by muyuying 01 Apr '23

01 Apr '23

Dear all，经社区Release SIG、QA SIG及 CICD SIG 评估，openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3及openEuler-22.03-LTS update版本满足版本出口质量，现进行发布公示。本公示分为五部分： 1、openEuler-20.03-LTS-SP1 Update 20230329发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20230329发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20230329发布情况及待修复缺陷 4、openEuler-22.03-LTS-SP1 Update 20230329发布情况及待修复缺陷 5、openEuler 关键组件待修复CVE 清单 6、openEuler 社区指导文档及开放平台链接本次update版本发布后，下一个版本里程碑点（预计在2023/04/09）提供 update_ 20230405 版本。 openEuler-20.03-LTS-SP1 Update 20230329 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP1修复版本已知问题3个，已知漏洞18个。目前版本分支剩余待修复缺陷35个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6QETU?from=project-i… CVE修复： CVE 仓库 score CVE-2020-12762 libfastjson 7.8 CVE-2022-41725 golang 7.5 CVE-2022-41724 golang 7.5 CVE-2022-41723 golang 7.5 CVE-2023-28617 emacs 9.8 CVE-2023-27538 curl 5.8 CVE-2023-27536 curl 5.8 CVE-2023-27535 curl 5.8 CVE-2023-27534 curl 4.5 CVE-2023-27533 curl 4.5 CVE-2023-26769 liblouis 7.5 CVE-2022-36021 redis 5.5 CVE-2023-28466 kernel 7 CVE-2023-1382 kernel 0 CVE-2023-1281 kernel 7.8 CVE-2023-1079 kernel 6.8 CVE-2022-4269 kernel 5.5 CVE-2022-29901 kernel 5.6 Bugfix： issue 仓库 #I6PS8F:vim9.0版本添加用户配置文件vimrc后Backspace键失效 vim #I6D0K1:例行分析grub2软件包补丁 grub2 #I6MR1V:【OLK5.10】文件系统长稳环境出现fsck修复后仍有错误 kernel openEuler-20.03-LTS-SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol openEuler-20.03-LTS-SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I281C1 【fuzz】runtime error: libsass Base-service I437CR [SP1][arm/x86]obs-server包下11个服务启动关闭，出现报错 obs-server Others I43OSX [clamav] 执行clamscan --statistics pcre命令会出现error，但是最终返回码为0 clamav Others I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I4G4A5 Undefine-shift in _bfd_safe_read_leb128 binutils Compiler I4G4B1 Integer overflow in print_vms_time binutils Compiler I4G4VY memleak in parse_gnu_debugaltlink binutils Compiler I4G4WF Heap-buffer-overflow in slurp_hppa_unwind_table binutils Compiler I4G4WW Use-after-free in make_qualified_name binutils Compiler I4G4X6 memleak in byte_get_little_endian binutils Compiler I4G4XF memleak in process_mips_specific binutils Compiler I4G4Y0 out-of-memory in vms_lib_read_index binutils Compiler I4G4YJ Heap-buffer-overflow in bfd_getl16 binutils Compiler I4G4YV Floating point exception in _bfd_vms_slurp_etir binutils Compiler I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后，getdap4命令的-i和-k参数使用异常 libdap sig-recycle I4JMG4 【20.03 SP1】【arm/x86】robotframework包的三个命令：libdoc、rebot、robot执行--help/-h/-?/--version，查看帮助信息和版本信息，返回值为251 python-robotframework sig-ROS I4K6ES stack-buffer-overflow in UINT32_Marshal libtpms sig-security-facility I4K6FU global-buffer-overflow in Array_Marshal libtpms sig-security-facility I4O16Z 【SP1_update/arm】安装kernel-4.19.90-2108版本有错误提示信息 kernel Kernel I4QV6N 【openEuler-20.03-LTS-SP1】flink命令执行失败 flink sig-bigdata I5IG1V 【20.03-SP1】【x86/arm】epol源下的efl、efl-devel软件包安装报错，gpg检查失败 efl sig-compat-winapp I5IG6K 【20.03-SP1】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5JHX2 【20.03 SP1 update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I6975Y 【arm】--enable-bootstrap构建gcc失败 gcc Compiler I6AASB 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler I6AZZU 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler I6CBNA 【20.03 sp1 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CKZE 【arm】【deja】使用22.03 LTS-SP1发布源gcc 出现编译ICE:during GIMPLE pass: reassoc:internal compiler error: Segmentation fault gcc Compiler I6DRDY 【x86】【spec2017】-O3 -fipa-struct-reorg=5编译子项失败 gcc Compiler I6DUTF [22.03sp1lts][arm/x86] obsredis.service服务启动失败 obs-server Others I6EUHB create_gcov在kernel6.1上执行报错 autofdo Compiler I6FQCO 【22.03-LTS-SP1】【x86/arm】opengauss缺少安装依赖lsof opengauss-server DB I6I438 【x86】【deja】汇编失败：unsupported masking for `vcvtps2ph' gcc Compiler I6I47O 【x86】【deja】运行出现Segmentation fault gcc Compiler I6O19D 【20.03 sp1 udpate 0315 】irb-jruby命令执行报错 jruby sig-ruby openEuler-20.03-LTS-SP3 Update 20230329 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP3修复版本已知问5个，已知漏洞18个。目前版本分支剩余待修复缺陷 12个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6QETV?from=project-i… CVE修复：需求类型软件包优先级 CVE-2020-12762 libfastjson 7.8 CVE-2022-41723 golang 7.5 CVE-2022-41724 golang 7.5 CVE-2022-41725 golang 7.5 CVE-2023-28617 emacs 9.8 CVE-2023-27533 curl 4.5 CVE-2023-27534 curl 4.5 CVE-2023-27535 curl 5.8 CVE-2023-27536 curl 5.8 CVE-2023-27538 curl 5.8 CVE-2022-36021 redis 5.5 CVE-2023-26769 liblouis 7.5 CVE-2022-29901 kernel 5.6 CVE-2022-4269 kernel 5.5 CVE-2023-1079 kernel 6.8 CVE-2023-1281 kernel 7.8 CVE-2023-1382 kernel 0 CVE-2023-28466 kernel 7 Bugfix： issue 仓库 #I6PS8F:vim9.0版本添加用户配置文件vimrc后Backspace键失效 vim #I6D0K1:例行分析grub2软件包补丁 grub2 #I6KMOJ:grub2支持tpcm3.0特性 grub2 #I6L25L:shim支持可信计算3.0tpcm特性 shim #I6MR1V:【OLK5.10】文件系统长稳环境出现fsck修复后仍有错误 kernel openEuler-20.03-LTS-SP3版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol openEuler-20.03-LTS-SP3 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败 flink sig-bigdata I4UMEV [openEuler 20.03-LTS SP3]openEuler开启crash_kexec_post_notifiers后，panic通知链无法完全遍历 kernel Kernel I5IGAS 【20.03-SP3】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5IGOR 【20.03-SP3】【x86/arm】epol源下的fluidsynth、fluidsynth-devel、fluidsynth-help软件包安装报错，gpg检查失败 fluidsynth Application I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败，导致mom-vdsm.service服务无法启动成功 vdsm oVirt I5LYJK 【20.03-sp3_update20220801】【x86】对内核版进行升级后，TCP_option_address安装异常 TCP_option_address Kernel I5XDXJ openeuler：20.03-sp3下lua-lunit0.5和lua5.3不匹配 mugen sig-QA I613DI 【20.03 SP3】当前最新版本的kernel、 oec-hardware、 openEuler-release三个包同时安装，虚拟机启动失败 openEuler-release Base-service I61LEV 【20.03 LTS SP3】【arm/x86】安装oscilloscope，然后执行oscilloscope -h报错 tuna Others I66BBJ [20.03-LTS-SP3]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I6CBL7 【20.03 sp3 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service openEuler-22.03-LTS Update 20230329 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题22个，已知漏洞5个。目前版本分支剩余待修复缺陷8个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6QETV?from=project-i… CVE修复： CVE 仓库 score CVE-2020-12762 libfastjson 7.8 CVE-2022-41723 golang 7.5 CVE-2022-41724 golang 7.5 CVE-2022-41725 golang 7.5 CVE-2023-28617 emacs 9.8 CVE-2023-27533 curl 4.5 CVE-2023-27534 curl 4.5 CVE-2023-27535 curl 5.8 CVE-2023-27536 curl 5.8 CVE-2023-27538 curl 5.8 CVE-2023-1161 wireshark 7.1 CVE-2022-36021 redis 5.5 CVE-2023-26769 liblouis 7.5 CVE-2022-48423 kernel 7.8 CVE-2022-48424 kernel 7.8 CVE-2022-48425 kernel 7.8 CVE-2023-1079 kernel 6.8 CVE-2023-1249 kernel 4.1 CVE-2023-1281 kernel 7.8 CVE-2023-1382 kernel 0 CVE-2023-22999 kernel 5.5 CVE-2023-28466 kernel 7 Bugfix： issue 仓库 #I6RD72:upadte20230329【轻量级 PR】：Rebuild for next release perl-libintl-perl #I6PS8F:vim9.0版本添加用户配置文件vimrc后Backspace键失效 vim #I6MTKW:【grub2】grub2-rpm-sort命令执行报错 grub2 #I6RDEF:update20230329 添加sw架构 perftest #I5N162:【OLK 5.10】修复scsi_end_request并发场景出现ref->data空指针解引用问题 kernel openEuler-22.03-LTS版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS Update版本待修复问题清单公示：任务ID 任务标题关联仓库 sig I5JIA6 【22.03 LTS update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I5JPII 【22.03_update20220727】【x86/arm】ovirt-engine源码包本地自编译失败，缺少编译依赖ovirt-jboss-modules-maven-plugin ovirt-engine oVirt I665SM resize2fs出现csum不一致 kernel Kernel I66BDE [22.03-LTS]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I66KIH 【22.03 LTS update 20221214】【arm/x86】openstack-ironic-inspector.service服务stop失败 openstack-ironic-inspector sig-openstack I677QX 【22.03-LTS】【x86/arm】安装opengauss-server时报未找不着lsof命令错误 opengauss-server DB I6CBPQ 【22.03 lts udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6O1CK 【22.03 lts udpate 0315 】irb-jruby命令执行报错 jruby sig-ruby openEuler-22.03-LTS SP1 Update 20230329 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题10个，已知漏洞12个。目前版本分支剩余待修复缺陷13个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6QETT?from=project-i… CVE修复： CVE 仓库 score CVE-2020-12762 libfastjson 7.8 CVE-2022-41723 golang 7.5 CVE-2022-41724 golang 7.5 CVE-2022-41725 golang 7.5 CVE-2023-28617 emacs 9.8 CVE-2023-27533 curl 4.5 CVE-2023-27534 curl 4.5 CVE-2023-27535 curl 5.8 CVE-2023-27536 curl 5.8 CVE-2023-27538 curl 5.8 CVE-2023-1161 wireshark 7.1 CVE-2022-36021 redis 5.5 CVE-2023-26769 liblouis 7.5 Bugfix： issue 仓库 #I6RD72:upadte20230329【轻量级 PR】：Rebuild for next release perl-libintl-perl #I6RE2O:update20230329 [Update] Update to v0.4.1 pin-gcc-client #I64VTB:执行命令报错error -4 papi #I6RE3L:update20230329 master到openEuler-22.03-LTS-SP1，升级到4.0.2 procps-ng #I6GCRA:部署好server，client，插入ko，虚拟机重启 dpu-utilities #I6JPN3:openEuler22.03 sp1,4.0版本procps-ng,开启虚拟机top命令统计不到CPU使用率 st，st占用率一直显示为0 procps-ng #I6RE77:update20230329 update syscare to 1.0.1 syscare #I67PXN:fix changelog date error rsyslog #I6PS8F:vim9.0版本添加用户配置文件vimrc后Backspace键失效 vim #I5N162:【OLK 5.10】修复scsi_end_request并发场景出现ref->data空指针解引用问题 kernel openEuler-22.03-LTS SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 sig I657VX 【22.03_LTS_SP1_RC2】【x86/arm】deepin-dbus-generator不存在安全的编译选项PIE、STRIP deepin-dbus-generator sig-DDE I657W3 【22.03_LTS_SP1_RC2】【x86/arm】deepin-graphics-driver-manager存在不安全的编译选项STRIP deepin-graphics-driver-manager sig-DDE I6975Y 【arm】--enable-bootstrap构建gcc失败 gcc Compiler I6AASB 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler I6AZZU 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler I6CBPN 【22.03 lts sp1 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CKZE 【arm】【deja】使用22.03 LTS-SP1发布源gcc 出现编译ICE:during GIMPLE pass: reassoc:internal compiler error: Segmentation fault gcc Compiler I6DRDY 【x86】【spec2017】-O3 -fipa-struct-reorg=5编译子项失败 gcc Compiler I6DUTF [22.03sp1lts][arm/x86] obsredis.service服务启动失败 obs-server Others I6EUHB create_gcov在kernel6.1上执行报错 autofdo Compiler I6FQCO 【22.03-LTS-SP1】【x86/arm】opengauss缺少安装依赖lsof opengauss-server DB I6I438 【x86】【deja】汇编失败：unsupported masking for `vcvtps2ph' gcc Compiler I6I47O 【x86】【deja】运行出现Segmentation fault gcc Compiler 社区待修复漏洞： openEuler社区根据漏洞严重等级采取差异化的修复策略，请各个SIG 关注涉及CVE组件的修复情况。严重等级（Severity Rating）漏洞修复时长致命（Critical） 7天高（High） 14天中（Medium） 30天低（Low） 30天可参考社区安全委员会漏洞：https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE… 近14天将超期CVE（3.25日数据）: 漏洞编号 Issue ID 剩余天数 CVSS评分软件包责任SIG CVE-2023-25664 I6Q9HZ 0.17 9.8 tensorflow sig-ai CVE-2023-27586 I6OW3B 3.0 7.1 python-cairosvg 　 CVE-2023-0386 I6PBWH 4.17 7.8 risc-v-kernel sig-RISC-V CVE-2023-1192 I6KDQD 4.26 0.0 risc-v-kernel sig-RISC-V CVE-2023-1194 I6KDP0 4.26 0.0 risc-v-kernel sig-RISC-V CVE-2023-1195 I6KDOZ 4.26 0.0 risc-v-kernel sig-RISC-V CVE-2023-1193 I6KEWP 4.38 0.0 risc-v-kernel sig-RISC-V CVE-2023-0464 I6PDB8 4.42 7.5 openssl sig-security-facility CVE-2023-1249 I6KT9F 5.26 5.5 risc-v-kernel sig-RISC-V CVE-2023-1249 I6KT9C 5.26 5.5 kernel Kernel CVE-2023-28772 I6PRCO 5.75 7.8 kernel Kernel CVE-2023-1108 I6KVMO 5.76 0.0 undertow sig-Java CVE-2023-27478 I6KWN7 5.8 6.5 libmemcached Programming-language CVE-2023-25669 I6Q38F 6.67 7.5 tensorflow sig-ai CVE-2023-25670 I6Q38E 6.67 7.5 tensorflow sig-ai CVE-2023-25659 I6Q37O 6.67 7.5 tensorflow sig-ai CVE-2023-25658 I6Q37N 6.67 7.5 tensorflow sig-ai CVE-2023-25673 I6Q9HC 7.16 7.5 tensorflow sig-ai CVE-2023-25671 I6Q9HA 7.16 7.5 tensorflow sig-ai CVE-2023-25665 I6Q9H7 7.16 7.5 tensorflow sig-ai CVE-2023-27579 I6Q9G1 7.16 7.5 tensorflow sig-ai CVE-2023-25663 I6Q9IB 7.17 7.5 tensorflow sig-ai CVE-2023-25666 I6Q9I8 7.17 7.5 tensorflow sig-ai CVE-2023-25667 I6Q9I6 7.17 7.5 tensorflow sig-ai CVE-2023-25660 I6Q9I4 7.17 7.5 tensorflow sig-ai CVE-2023-25674 I6Q9HW 7.17 7.5 tensorflow sig-ai CVE-2023-25662 I6Q9HP 7.17 7.5 tensorflow sig-ai CVE-2023-25672 I6Q9HK 7.17 7.5 tensorflow sig-ai CVE-2023-1289 I6LKHN 7.38 5.5 ImageMagick Others CVE-2011-5034 I6LPRE 7.96 0.0 geronimo-saaj sig-Java CVE-2023-1436 I6P70O 11.35 7.5 jettison dev-utils CVE-2023-1370 I6MX6A 11.35 7.5 json-smart sig-Java CVE-2023-1032 I6MSIY 11.63 0.0 kernel Kernel CVE-2023-28176 I6N797 12.77 0.0 firefox Application CVE-2023-28159 I6N78R 12.77 0.0 firefox Application CVE-2023-1390 I6N7CV 12.78 6.5 risc-v-kernel sig-RISC-V CVE-2023-28164 I6N87J 12.8 6.1 firefox Application CVE-2023-28162 I6N860 12.8 0.0 firefox Application CVE-2023-28177 I6N8JV 12.81 0.0 firefox Application CVE-2023-28163 I6N8EY 12.81 0.0 firefox Application CVE-2023-28161 I6N8CG 12.81 0.0 firefox Application CVE-2023-28160 I6N89T 12.81 0.0 firefox Application CVE-2023-25752 I6N96P 12.83 6.1 firefox Application CVE-2023-25750 I6N96C 12.83 0.0 firefox Application CVE-2023-25748 I6N965 12.83 0.0 firefox Application CVE-2023-25749 I6N960 12.83 0.0 firefox Application CVE-2023-25751 I6N97Z 12.84 0.0 firefox Application CVE-2023-28328 I6NCQH 13.0 0.0 kernel Kernel CVE-2023-28327 I6NCP2 13.0 0.0 kernel Kernel CVE-2023-1380 I6NCVX 13.01 0.0 kernel Kernel CVE-2022-39188 I5QVT3 13.81 4.7 kernel Kernel openEuler 社区指导文档及开放平台链接： openEuler 版本分支维护规范： https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%… openEuler release-management 版本分支PR指导： https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%… 社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/839f952696f271f83c018ccf3218cf493b92d65… 社区QA 测试平台 radiates https://radiatest.openeuler.org<https://radiatest.openeuler.org/> 沐钰莹（openEuler release SIG） Mobile: +86 15651995918 中国(China)-杭州(Hangzhou)-滨江区江淑路360号华为杭州研发中心 HUAWEI , Jiangshu Road., Binjiang District, Hangzhou, P.R.China E-mail: muyuying1(a)huawei.com<mailto:muyuying1@huawei.com> [cid:image002.png@01D95F4C.8C3691C0]Open Source OS for Digital Infrastructure 本邮件及其附件含有华为公司的保密信息，仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形式使用（包括但不限于全部或部分地泄露、复制、或散发）本邮件中的信息。如果您错收了本邮件，请您立即电话或邮件通知发件人并删除本邮件！ This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it

1 0

openEuler update_20230322版本发布公告
by muyuying 26 Mar '23

26 Mar '23

Dear all，经社区Release SIG、QA SIG及 CICD SIG 评估，openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3及openEuler-22.03-LTS update版本满足版本出口质量，现进行发布公示。本公示分为五部分： 1、openEuler-20.03-LTS-SP1 Update 20230322发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20230322发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20230322发布情况及待修复缺陷 4、openEuler-22.03-LTS-SP1 Update 20230322发布情况及待修复缺陷 5、openEuler 关键组件待修复CVE 清单 6、openEuler 社区指导文档及开放平台链接本次update版本发布后，下一个版本里程碑点（预计在2023/04/02）提供 update_ 20230329 版本。 openEuler-20.03-LTS-SP1 Update 20230322 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP1修复版本已知问题4个，已知漏洞4个。目前版本分支剩余待修复缺陷35个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6OCCM?from=project-i… CVE修复： CVE 仓库 score CVE-2022-27337 poppler 6.5 CVE-2023-1073 kernel 6.3 CVE-2023-1095 kernel 5.5 CVE-2023-1264 vim 5.5 Bugfix： issue 仓库 #I6P8R2:udpate-20230322 json-c:enable DT json-c #I6E9D3:[openEuler-1.0-LTS] oom: decouple mems_allowed from oom_unkillable_task kernel #I6LJQB: 配置使用saslauthd+pam后鉴权长时间运行，saslauthd进程内打开文件失败 pam #I6P8V4:update20230322 Minor fix in the compatibility library gdbm openEuler-20.03-LTS-SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol openEuler-20.03-LTS-SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I281C1 【fuzz】runtime error: libsass Base-service I437CR [SP1][arm/x86]obs-server包下11个服务启动关闭，出现报错 obs-server Others I43OSX [clamav] 执行clamscan --statistics pcre命令会出现error，但是最终返回码为0 clamav Others I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I4G4A5 Undefine-shift in _bfd_safe_read_leb128 binutils Compiler I4G4B1 Integer overflow in print_vms_time binutils Compiler I4G4VY memleak in parse_gnu_debugaltlink binutils Compiler I4G4WF Heap-buffer-overflow in slurp_hppa_unwind_table binutils Compiler I4G4WW Use-after-free in make_qualified_name binutils Compiler I4G4X6 memleak in byte_get_little_endian binutils Compiler I4G4XF memleak in process_mips_specific binutils Compiler I4G4Y0 out-of-memory in vms_lib_read_index binutils Compiler I4G4YJ Heap-buffer-overflow in bfd_getl16 binutils Compiler I4G4YV Floating point exception in _bfd_vms_slurp_etir binutils Compiler I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后，getdap4命令的-i和-k参数使用异常 libdap sig-recycle I4JMG4 【20.03 SP1】【arm/x86】robotframework包的三个命令：libdoc、rebot、robot执行--help/-h/-?/--version，查看帮助信息和版本信息，返回值为251 python-robotframework sig-ROS I4K6ES stack-buffer-overflow in UINT32_Marshal libtpms sig-security-facility I4K6FU global-buffer-overflow in Array_Marshal libtpms sig-security-facility I4O16Z 【SP1_update/arm】安装kernel-4.19.90-2108版本有错误提示信息 kernel Kernel I4QV6N 【openEuler-20.03-LTS-SP1】flink命令执行失败 flink sig-bigdata I5IG1V 【20.03-SP1】【x86/arm】epol源下的efl、efl-devel软件包安装报错，gpg检查失败 efl sig-compat-winapp I5IG6K 【20.03-SP1】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5JHX2 【20.03 SP1 update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I6975Y 【arm】--enable-bootstrap构建gcc失败 gcc Compiler I6AASB 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler I6AZZU 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler I6CBNA 【20.03 sp1 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CKZE 【arm】【deja】使用22.03 LTS-SP1发布源gcc 出现编译ICE:during GIMPLE pass: reassoc:internal compiler error: Segmentation fault gcc Compiler I6DRDY 【x86】【spec2017】-O3 -fipa-struct-reorg=5编译子项失败 gcc Compiler I6DUTF [22.03sp1lts][arm/x86] obsredis.service服务启动失败 obs-server Others I6EUHB create_gcov在kernel6.1上执行报错 autofdo Compiler I6FQCO 【22.03-LTS-SP1】【x86/arm】opengauss缺少安装依赖lsof opengauss-server DB I6I438 【x86】【deja】汇编失败：unsupported masking for `vcvtps2ph' gcc Compiler I6I47O 【x86】【deja】运行出现Segmentation fault gcc Compiler I6O19D 【20.03 sp1 udpate 0315 】irb-jruby命令执行报错 jruby sig-ruby openEuler-20.03-LTS-SP3 Update 20230322 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP3修复版本已知问4个，已知漏洞5个。目前版本分支剩余待修复缺陷 12个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6OCCO?from=project-i… CVE修复：需求类型软件包优先级 CVE-2020-10775 ovirt-engine 5.3 CVE-2022-27337 poppler 6.5 CVE-2023-1073 kernel 6.3 CVE-2023-1095 kernel 5.5 CVE-2023-1264 vim 5.5 Bugfix： issue 仓库 #I6P8R2:udpate-20230322 json-c:enable DT json-c #I6E9D3:[openEuler-1.0-LTS] oom: decouple mems_allowed from oom_unkillable_task kernel #I6LJQB: 配置使用saslauthd+pam后鉴权长时间运行，saslauthd进程内打开文件失败 pam #I6P8V4:update20230322 Minor fix in the compatibility library gdbm openEuler-20.03-LTS-SP3版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol openEuler-20.03-LTS-SP3 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败 flink sig-bigdata I4UMEV [openEuler 20.03-LTS SP3]openEuler开启crash_kexec_post_notifiers后，panic通知链无法完全遍历 kernel Kernel I5IGAS 【20.03-SP3】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5IGOR 【20.03-SP3】【x86/arm】epol源下的fluidsynth、fluidsynth-devel、fluidsynth-help软件包安装报错，gpg检查失败 fluidsynth Application I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败，导致mom-vdsm.service服务无法启动成功 vdsm oVirt I5LYJK 【20.03-sp3_update20220801】【x86】对内核版进行升级后，TCP_option_address安装异常 TCP_option_address Kernel I5XDXJ openeuler：20.03-sp3下lua-lunit0.5和lua5.3不匹配 mugen sig-QA I613DI 【20.03 SP3】当前最新版本的kernel、 oec-hardware、 openEuler-release三个包同时安装，虚拟机启动失败 openEuler-release Base-service I61LEV 【20.03 LTS SP3】【arm/x86】安装oscilloscope，然后执行oscilloscope -h报错 tuna Others I66BBJ [20.03-LTS-SP3]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I6CBL7 【20.03 sp3 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service openEuler-22.03-LTS Update 20230322 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题6个，已知漏洞2个。目前版本分支剩余待修复缺陷8个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6OCCP?from=project-i… CVE修复： CVE 仓库 score CVE-2022-27337 poppler 6.5 CVE-2023-1264 vim 5.5 Bugfix： issue 仓库 #I6DM2X:兼容-accel参数 stratovirt #I6OFGK:例行分析python-urllib3补丁，需要补丁回合 python-urllib3 #I6LJQB: 配置使用saslauthd+pam后鉴权长时间运行，saslauthd进程内打开文件失败 pam #I6P8V4:update20230322 Minor fix in the compatibility library gdbm #I5YM6P:openEuler 22.03 LTS Next版本python-chardet软件升级至5.0.0 python-chardet #I6NVPT:[OLK-5.10] 产品长稳测试中出现热补丁相关的hungtask<https://gitee.com/open_euler/dashboard?issue_id=I6NVPT> kernel openEuler-22.03-LTS版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS Update版本待修复问题清单公示：任务ID 任务标题关联仓库 sig I5JIA6 【22.03 LTS update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I5JPII 【22.03_update20220727】【x86/arm】ovirt-engine源码包本地自编译失败，缺少编译依赖ovirt-jboss-modules-maven-plugin ovirt-engine oVirt I665SM resize2fs出现csum不一致 kernel Kernel I66BDE [22.03-LTS]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I66KIH 【22.03 LTS update 20221214】【arm/x86】openstack-ironic-inspector.service服务stop失败 openstack-ironic-inspector sig-openstack I677QX 【22.03-LTS】【x86/arm】安装opengauss-server时报未找不着lsof命令错误 opengauss-server DB I6CBPQ 【22.03 lts udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6O1CK 【22.03 lts udpate 0315 】irb-jruby命令执行报错 jruby sig-ruby openEuler-22.03-LTS SP1 Update 20230322 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题8个，已知漏洞5个。目前版本分支剩余待修复缺陷14个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6OCCL?from=project-i… CVE修复： CVE 仓库 score CVE-2022-27337 poppler 6.5 CVE-2023-1264 vim 5.5 CVE-2023-1074 kernel 4.7 CVE-2023-1079 kernel 6.8 CVE-2023-1382 kernel 0 Bugfix： issue 仓库 #I6P9BJ:update20230322-update iputils to version 20221126 iputils #I6DM2X:兼容-accel参数 stratovirt #I6ORHV:【22.03_LTS_SP1】jemalloc版本需要从5.2.1升级到5.3.0 jemalloc #I6NY9Y:22.03-openEuler-LTS-SP1升级zbar，通过升级合入上游社区修复的一系列问题 zbar #I6OFGK:例行分析python-urllib3补丁，需要补丁回合 python-urllib3 #I6LJQB: 配置使用saslauthd+pam后鉴权长时间运行，saslauthd进程内打开文件失败 pam #I6P8V4:update20230322 Minor fix in the compatibility library gdbm #I6NVPT:[OLK-5.10] 产品长稳测试中出现热补丁相关的hungtask kernel openEuler-22.03-LTS SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 sig I657VX 【22.03_LTS_SP1_RC2】【x86/arm】deepin-dbus-generator不存在安全的编译选项PIE、STRIP deepin-dbus-generator sig-DDE I657W0 【22.03_LTS_SP1_RC2】【x86/arm】deepin-editor存在不安全的编译选项STRIP deepin-editor sig-DDE I657W3 【22.03_LTS_SP1_RC2】【x86/arm】deepin-graphics-driver-manager存在不安全的编译选项STRIP deepin-graphics-driver-manager sig-DDE I6975Y 【arm】--enable-bootstrap构建gcc失败 gcc Compiler I6AASB 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler I6AZZU 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler I6CBPN 【22.03 lts sp1 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CKZE 【arm】【deja】使用22.03 LTS-SP1发布源gcc 出现编译ICE:during GIMPLE pass: reassoc:internal compiler error: Segmentation fault gcc Compiler I6DRDY 【x86】【spec2017】-O3 -fipa-struct-reorg=5编译子项失败 gcc Compiler I6DUTF [22.03sp1lts][arm/x86] obsredis.service服务启动失败 obs-server Others I6EUHB create_gcov在kernel6.1上执行报错 autofdo Compiler I6FQCO 【22.03-LTS-SP1】【x86/arm】opengauss缺少安装依赖lsof opengauss-server DB I6I438 【x86】【deja】汇编失败：unsupported masking for `vcvtps2ph' gcc Compiler I6I47O 【x86】【deja】运行出现Segmentation fault gcc Compiler 社区待修复漏洞： openEuler社区根据漏洞严重等级采取差异化的修复策略，请各个SIG 关注涉及CVE组件的修复情况。严重等级（Severity Rating）漏洞修复时长致命（Critical） 7天高（High） 14天中（Medium） 30天低（Low） 30天可参考社区安全委员会漏洞：https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE… 近14天将超期CVE（3.25日数据）: 漏洞编号 Issue ID 剩余天数 CVSS评分软件包责任SIG CVE-2022-48423 I6OD4U 1.61 9.8 kernel Kernel CVE-2021-3329 I6HUIN 3.0 6.5 zephyr 　 CVE-2023-1076 I6I7UH 4.37 4.7 risc-v-kernel sig-RISC-V CVE-2023-1079 I6I7UE 4.37 0.0 risc-v-kernel sig-RISC-V CVE-2023-1074 I6I7UD 4.37 4.7 risc-v-kernel sig-RISC-V CVE-2023-1075 I6I7U8 4.37 0.0 risc-v-kernel sig-RISC-V CVE-2023-20860 I6PDX0 4.6 9.1 springframework sig-Java CVE-2023-28466 I6NIUR 4.61 7.0 kernel Kernel CVE-2023-28466 I6NIUL 4.61 7.0 risc-v-kernel sig-RISC-V CVE-2023-27781 I6NIU2 4.61 7.8 jpegoptim Application CVE-2023-1095 I6IK9V 5.25 5.5 risc-v-kernel sig-RISC-V CVE-2023-1018 I6IKCI 5.5 5.5 libtpms sig-security-facility CVE-2020-12413 I6IKCQ 5.52 5.9 firefox Application CVE-2023-22997 I6IKXC 5.6 5.5 risc-v-kernel sig-RISC-V CVE-2023-22998 I6IKWZ 5.6 5.5 risc-v-kernel sig-RISC-V CVE-2023-22999 I6IKWS 5.6 5.5 kernel Kernel CVE-2023-22996 I6IKWQ 5.6 5.5 risc-v-kernel sig-RISC-V CVE-2023-22997 I6IKWJ 5.6 5.5 kernel Kernel CVE-2023-22998 I6IKWF 5.6 5.5 kernel Kernel CVE-2023-22999 I6IKXV 5.61 5.5 risc-v-kernel sig-RISC-V CVE-2023-25155 I6IRPL 5.87 6.5 redis Others CVE-2023-25155 I6IRP9 5.87 6.5 redis6 sig-bigdata CVE-2023-25155 I6IROQ 5.87 6.5 redis5 sig-bigdata CVE-2022-36021 I6IRS4 5.88 5.5 redis Others CVE-2022-36021 I6IRRY 5.88 5.5 redis6 sig-bigdata CVE-2022-36021 I6IRRU 5.88 5.5 redis5 sig-bigdata CVE-2019-14576 I6ISX4 5.92 0.0 edk2 Virt CVE-2019-14561 I6ISWY 5.92 0.0 edk2 Virt CVE-2023-22462 I6ITUB 5.95 5.4 grafana Application CVE-2023-27594 I6O472 6.19 7.3 cilium sig-high-performance-network CVE-2023-0594 I6IVYK 6.25 5.4 grafana Application CVE-2023-0507 I6IVYI 6.25 5.4 grafana Application CVE-2023-23004 I6IXRY 6.65 5.5 risc-v-kernel sig-RISC-V CVE-2023-23006 I6IXRQ 6.65 5.5 risc-v-kernel sig-RISC-V CVE-2023-23002 I6IXRB 6.65 5.5 risc-v-kernel sig-RISC-V CVE-2023-23005 I6IXQX 6.65 5.5 risc-v-kernel sig-RISC-V CVE-2023-23004 I6IXPT 6.65 5.5 kernel Kernel CVE-2023-23006 I6IXPJ 6.65 5.5 kernel Kernel CVE-2023-23002 I6IXOH 6.65 5.5 kernel Kernel CVE-2023-23005 I6IXO8 6.65 5.5 kernel Kernel CVE-2023-23001 I6IXNW 6.65 5.5 kernel Kernel CVE-2023-1161 I6JJJE 8.25 6.5 wireshark Application CVE-2022-48425 I6OD5R 8.61 7.8 kernel Kernel CVE-2022-48424 I6OD4P 8.61 7.8 kernel Kernel CVE-2023-1281 I6OP9S 9.51 7.8 kernel Kernel CVE-2023-27586 I6OW3B 9.87 7.1 python-cairosvg 　 CVE-2022-41725 I6OXZH 9.93 7.5 golang sig-golang CVE-2022-41724 I6OXZB 9.93 7.5 golang sig-golang CVE-2022-41723 I6OXYJ 9.93 7.5 golang sig-golang CVE-2019-10358 I6K7LN 10.87 6.5 maven2 sig-Java CVE-2017-1000397 I6K7IR 10.87 5.9 maven2 sig-Java CVE-2023-1194 I6KDP0 11.12 0.0 risc-v-kernel sig-RISC-V CVE-2023-1195 I6KDOZ 11.12 0.0 risc-v-kernel sig-RISC-V CVE-2023-1192 I6KDQD 11.13 0.0 risc-v-kernel sig-RISC-V CVE-2023-1192 I6KDP1 11.13 0.0 kernel Kernel CVE-2023-1193 I6KEWP 11.25 0.0 risc-v-kernel sig-RISC-V CVE-2023-1193 I6KEWO 11.25 6.5 kernel Kernel CVE-2023-1249 I6KT9F 12.12 0.0 risc-v-kernel sig-RISC-V CVE-2023-1249 I6KT9C 12.12 4.1 kernel Kernel CVE-2023-1252 I6KTT3 12.25 0.0 risc-v-kernel sig-RISC-V CVE-2023-1108 I6KVMO 12.63 0.0 undertow sig-Java CVE-2023-27478 I6KWN7 12.66 6.5 libmemcached Programming-language CVE-2022-39188 I5QVT3 13.81 4.7 kernel Kernel openEuler 社区指导文档及开放平台链接： openEuler 版本分支维护规范： https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%… openEuler release-management 版本分支PR指导： https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%… 社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/839f952696f271f83c018ccf3218cf493b92d65… 社区QA 测试平台 radiates https://radiatest.openeuler.org<https://radiatest.openeuler.org/> 沐钰莹（openEuler release SIG） Mobile: +86 15651995918 中国(China)-杭州(Hangzhou)-滨江区江淑路360号华为杭州研发中心 HUAWEI , Jiangshu Road., Binjiang District, Hangzhou, P.R.China E-mail: muyuying1(a)huawei.com<mailto:muyuying1@huawei.com> [cid:image002.png@01D95F4C.8C3691C0]Open Source OS for Digital Infrastructure 本邮件及其附件含有华为公司的保密信息，仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形式使用（包括但不限于全部或部分地泄露、复制、或散发）本邮件中的信息。如果您错收了本邮件，请您立即电话或邮件通知发件人并删除本邮件！ This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it

1 0

openEuler update_20230315版本发布公告
by muyuying 19 Mar '23

19 Mar '23

Dear all，经社区Release SIG、QA SIG及 CICD SIG 评估，openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3及openEuler-22.03-LTS update版本满足版本出口质量，现进行发布公示。本公示分为五部分： 1、openEuler-20.03-LTS-SP1 Update 20230315发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20230315发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20230315发布情况及待修复缺陷 4、openEuler-22.03-LTS-SP1 Update 20230315发布情况及待修复缺陷 5、openEuler 关键组件待修复CVE 清单 6、openEuler 社区指导文档及开放平台链接本次update版本发布后，下一个版本里程碑点（预计在2023/03/26）提供 update_ 20230322 版本。 openEuler-20.03-LTS-SP1 Update 20230315 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP1修复版本已知问题4个，已知漏洞23个。目前版本分支剩余待修复缺陷38个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6MFEQ?from=project-i… CVE修复： CVE 仓库 score CVE-2022-40899 future 7.5 CVE-2023-26253 glusterfs 7.5 CVE-2023-27522 httpd 5.9 CVE-2023-25690 httpd 7.5 CVE-2022-25857 snakeyaml 7.5 CVE-2022-38749 snakeyaml 6.5 CVE-2022-38750 snakeyaml 5.5 CVE-2022-38751 snakeyaml 6.5 CVE-2022-38752 snakeyaml 6.5 CVE-2022-41854 snakeyaml 6.5 CVE-2023-20938 kernel 8.8 CVE-2023-0461 kernel 7.8 CVE-2023-1074 kernel 4.7 CVE-2023-1078 kernel 7.8 CVE-2023-1076 kernel 4.7 CVE-2023-1118 kernel 7.8 CVE-2023-26604 systemd 7.8 CVE-2023-1170 vim 7.8 CVE-2023-1175 vim 7.3 CVE-2023-27371 libmicrohttpd 7.5 CVE-2023-26545 kernel 7.8 CVE-2023-20052 clamav 5.3 CVE-2023-20032 clamav 9.8 Bugfix： issue 仓库 #I6LHB0:修复由于snakeyaml升级到1.32版本导致jruby编译失败 jruby #I6LHBA:修复由于snakeyaml升级到1.32版本导致polyglot编译失败 polyglot #I6561X:软件包参数问题 netsniff-ng #I643OL:【openEuler 2003 LTS】【openEuler-1.0-LTS】 [内核] [kernfs] [block] 测试iscsi中blk层宕机 kernel openEuler-20.03-LTS-SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol openEuler-20.03-LTS-SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I281C1 【fuzz】runtime error: libsass Base-service I437CR [SP1][arm/x86]obs-server包下11个服务启动关闭，出现报错 obs-server Others I43OSX [clamav] 执行clamscan --statistics pcre命令会出现error，但是最终返回码为0 clamav Others I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I4G4A5 Undefine-shift in _bfd_safe_read_leb128 binutils Compiler I4G4B1 Integer overflow in print_vms_time binutils Compiler I4G4VY memleak in parse_gnu_debugaltlink binutils Compiler I4G4WF Heap-buffer-overflow in slurp_hppa_unwind_table binutils Compiler I4G4WW Use-after-free in make_qualified_name binutils Compiler I4G4X6 memleak in byte_get_little_endian binutils Compiler I4G4XF memleak in process_mips_specific binutils Compiler I4G4Y0 out-of-memory in vms_lib_read_index binutils Compiler I4G4YJ Heap-buffer-overflow in bfd_getl16 binutils Compiler I4G4YV Floating point exception in _bfd_vms_slurp_etir binutils Compiler I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后，getdap4命令的-i和-k参数使用异常 libdap sig-recycle I4JMG4 【20.03 SP1】【arm/x86】robotframework包的三个命令：libdoc、rebot、robot执行--help/-h/-?/--version，查看帮助信息和版本信息，返回值为251 python-robotframework sig-ROS I4K6ES stack-buffer-overflow in UINT32_Marshal libtpms sig-security-facility I4K6FU global-buffer-overflow in Array_Marshal libtpms sig-security-facility I4O16Z 【SP1_update/arm】安装kernel-4.19.90-2108版本有错误提示信息 kernel Kernel I4QV6N 【openEuler-20.03-LTS-SP1】flink命令执行失败 flink sig-bigdata I5IG1V 【20.03-SP1】【x86/arm】epol源下的efl、efl-devel软件包安装报错，gpg检查失败 efl sig-compat-winapp I5IG6K 【20.03-SP1】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5JHX2 【20.03 SP1 update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I6975Y 【arm】--enable-bootstrap构建gcc失败 gcc Compiler I6AASB 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler I6AZZU 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler I6CBNA 【20.03 sp1 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CKZE 【arm】【deja】使用22.03 LTS-SP1发布源gcc 出现编译ICE:during GIMPLE pass: reassoc:internal compiler error: Segmentation fault gcc Compiler I6DRDY 【x86】【spec2017】-O3 -fipa-struct-reorg=5编译子项失败 gcc Compiler I6DUTF [22.03sp1lts][arm/x86] obsredis.service服务启动失败 obs-server Others I6EUHB create_gcov在kernel6.1上执行报错 autofdo Compiler I6FQCO 【22.03-LTS-SP1】【x86/arm】opengauss缺少安装依赖lsof opengauss-server DB I6I438 【x86】【deja】汇编失败：unsupported masking for `vcvtps2ph' gcc Compiler I6I47O 【x86】【deja】运行出现Segmentation fault gcc Compiler I6ISTD [22.03-sp1]执行iscsiadm -m node -p 127.0.0.1 -u命令失败，内核报错 kernel Kernel I6I438 【x86】【deja】汇编失败：unsupported masking for `vcvtps2ph' gcc Compiler I6I47O 【x86】【deja】运行出现Segmentation fault gcc Compiler I6ISTD [22.03-sp1]执行iscsiadm -m node -p 127.0.0.1 -u命令失败，内核报错 kernel Kernel openEuler-20.03-LTS-SP3 Update 20230315 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP3修复版本已知问4个，已知漏洞23个。目前版本分支剩余待修复缺陷 11个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6MFER?from=project-i… CVE修复：需求类型软件包优先级 CVE-2023-27371 libmicrohttpd 7.5 CVE-2022-40899 future 7.5 CVE-2023-27522 httpd 5.9 CVE-2023-25690 httpd 7.5 CVE-2022-25857 snakeyaml 7.5 CVE-2022-38749 snakeyaml 6.5 CVE-2022-38750 snakeyaml 5.5 CVE-2022-38751 snakeyaml 6.5 CVE-2022-38752 snakeyaml 6.5 CVE-2022-41854 snakeyaml 6.5 CVE-2023-20938 kernel 8.8 CVE-2023-0461 kernel 7.8 CVE-2023-1074 kernel 4.7 CVE-2023-1078 kernel 7.8 CVE-2023-1076 kernel 4.7 CVE-2023-1118 kernel 7.8 CVE-2023-26604 systemd 7.8 CVE-2023-1170 vim 7.8 CVE-2023-1175 vim 7.3 CVE-2023-26253 glusterfs 7.5 CVE-2023-26545 kernel 7.8 CVE-2023-20052 clamav 5.3 CVE-2023-20032 clamav 9.8 Bugfix： issue 仓库 #I6LHB0:修复由于snakeyaml升级到1.32版本导致jruby编译失败 jruby #I6LHBA:修复由于snakeyaml升级到1.32版本导致polyglot编译失败 polyglot #I6561X:软件包参数问题 netsniff-ng #I643OL:【openEuler 2003 LTS】【openEuler-1.0-LTS】 [内核] [kernfs] [block] 测试iscsi中blk层宕机 kernel openEuler-20.03-LTS-SP3版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol openEuler-20.03-LTS-SP3 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败 flink sig-bigdata I5IGAS 【20.03-SP3】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5IGOR 【20.03-SP3】【x86/arm】epol源下的fluidsynth、fluidsynth-devel、fluidsynth-help软件包安装报错，gpg检查失败 fluidsynth Application I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败，导致mom-vdsm.service服务无法启动成功 vdsm oVirt I5LYJK 【20.03-sp3_update20220801】【x86】对内核版进行升级后，TCP_option_address安装异常 TCP_option_address Kernel I5XDXJ openeuler：20.03-sp3下lua-lunit0.5和lua5.3不匹配 mugen sig-QA I613DI 【20.03 SP3】当前最新版本的kernel、 oec-hardware、 openEuler-release三个包同时安装，虚拟机启动失败 openEuler-release Base-service I61LEV 【20.03 LTS SP3】【arm/x86】安装oscilloscope，然后执行oscilloscope -h报错 tuna Others I66BBJ [20.03-LTS-SP3]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I6CBL7 【20.03 sp3 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service openEuler-22.03-LTS Update 20230315 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题6个，已知漏洞24个。目前版本分支剩余待修复缺陷9个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6MFES?from=project-i… CVE修复： CVE 仓库 score CVE-2023-27320 sudo 1 CVE-2023-27371 libmicrohttpd 7.5 CVE-2022-40899 future 7.5 CVE-2023-1170 vim 7.8 CVE-2023-1175 vim 7.3 CVE-2022-25857 snakeyaml 7.5 CVE-2022-38749 snakeyaml 6.5 CVE-2022-38750 snakeyaml 5.5 CVE-2022-38752 snakeyaml 6.5 CVE-2022-41854 snakeyaml 6.5 CVE-2023-20938 kernel 8.8 CVE-2023-0461 kernel 7.8 CVE-2023-1075 kernel 2.5 CVE-2023-1078 kernel 7.8 CVE-2023-1076 kernel 4.7 CVE-2023-22995 kernel 7.8 CVE-2023-1118 kernel 7.8 CVE-2023-27522 httpd 5.9 CVE-2023-25690 httpd 7.5 CVE-2023-26253 glusterfs 7.5 CVE-2023-26545 kernel 7.8 CVE-2022-38751 snakeyaml 6.5 CVE-2023-20052 clamav 5.3 CVE-2023-20032 clamav 9.8 Bugfix： issue 仓库 #I6LBTJ:2203LTS版本的python3-paramiko包,通过RSA秘钥远程ssh验证报错,请求升级至2.11.0或2.11.0以后版本 python-paramiko #I6KPA0:postfix 安装后 postfix.pem 证书有效期小于1年 postfix #I6LHB0:修复由于snakeyaml升级到1.32版本导致jruby编译失败 jruby #I6LHBA:修复由于snakeyaml升级到1.32版本导致polyglot编译失败 polyglot #I6LNLJ:例行分析dnf补丁，需要补丁回合 dnf #I6561X:软件包参数问题 netsniff-ng openEuler-22.03-LTS版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I5JIA6 【22.03 LTS update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I5JPII 【22.03_update20220727】【x86/arm】ovirt-engine源码包本地自编译失败，缺少编译依赖ovirt-jboss-modules-maven-plugin ovirt-engine oVirt I665SM resize2fs出现csum不一致 kernel Kernel I66BDE [22.03-LTS]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I66KIH 【22.03 LTS update 20221214】【arm/x86】openstack-ironic-inspector.service服务stop失败 openstack-ironic-inspector sig-openstack I677QX 【22.03-LTS】【x86/arm】安装opengauss-server时报未找不着lsof命令错误 opengauss-server DB I6AG88 【22.03-LTS】【arm/x86】nvwa第一次卸载时有异常报错信息 nvwa sig-ops I6AGEG 【22.03-LTS-SP1】【arm/x86】nvwa第一次卸载时有异常报错信息 nvwa sig-ops I6CBPQ 【22.03 lts udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service openEuler-22.03-LTS SP1 Update 20230315 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题11个，已知漏洞26个。目前版本分支剩余待修复缺陷14个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6MFEP?from=project-i… CVE修复： CVE 仓库 score CVE-2023-26081 epiphany 7.5 CVE-2023-26253 glusterfs 7.5 CVE-2022-38749 snakeyaml 6.5 CVE-2022-38750 snakeyaml 5.5 CVE-2022-38751 snakeyaml 6.5 CVE-2022-38752 snakeyaml 6.5 CVE-2022-41854 snakeyaml 6.5 CVE-2023-27320 sudo 1 CVE-2023-27522 httpd 5.9 CVE-2023-25690 httpd 7.5 CVE-2022-3560 pesign 5.5 CVE-2023-20938 kernel 8.8 CVE-2023-0461 kernel 7.8 CVE-2023-26607 kernel 7.1 CVE-2023-1075 kernel 2.5 CVE-2023-1078 kernel 7.8 CVE-2023-1076 kernel 4.7 CVE-2023-22995 kernel 7.8 CVE-2023-1118 kernel 7.8 CVE-2023-1175 vim 7.3 CVE-2023-1170 vim 7.8 CVE-2023-27371 libmicrohttpd 7.5 CVE-2023-26545 kernel 7.8 CVE-2022-40899 future 7.5 CVE-2023-20052 clamav 5.3 CVE-2023-20032 clamav 9.8 Bugfix： issue 仓库 #I6J86M:repo python-lit-15.0.7-1源码包 python-lit #I6K0AO:gala-gopher升级到1.0.2版本 gala-gopher #I6KPA0:postfix 安装后 postfix.pem 证书有效期小于1年 postfix #I6MR9A:例行回合社区补丁 efibootmgr #I6LNLJ:例行分析dnf补丁，需要补丁回合 dnf #I6561X:软件包参数问题 netsniff-ng #I6LHB0:修复由于snakeyaml升级到1.32版本导致jruby编译失败 jruby #I6LHBA:修复由于snakeyaml升级到1.32版本导致polyglot编译失败 polyglot #I6NF3Y:update_0315补充clang对c、c++代码编译功能，需要补充libcxx、libcxxabi、llvm-libunwind三款软件 libcxx #I6NF4V:udapte-0315补充clang对c、c++代码编译功能，需要补充libcxx、libcxxabi、llvm-libunwind三款软件 libcxxabi #I6NF5I:update-0315 补充clang对c、c++代码编译功能，需要补充libcxx、libcxxabi、llvm-libunwind三款软件 llvm-libunwind openEuler-22.03-LTS SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I6975Y 【arm】--enable-bootstrap构建gcc失败 gcc Compiler I6AASB 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler I6AGEG 【22.03-LTS-SP1】【arm/x86】nvwa第一次卸载时有异常报错信息 nvwa sig-ops I6AZZU 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler I6CBPN 【22.03 lts sp1 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CKRQ 【22.03 SP1 update20230201】【arm/x86】ceph-selinux卸载过程中有异常打印信息 ceph sig-ceph I6CKZE 【arm】【deja】使用22.03 LTS-SP1发布源gcc 出现编译ICE:during GIMPLE pass: reassoc:internal compiler error: Segmentation fault gcc Compiler I6DRDY 【x86】【spec2017】-O3 -fipa-struct-reorg=5编译子项失败 gcc Compiler I6DUTF [22.03sp1lts][arm/x86] obsredis.service服务启动失败 obs-server Others I6EUHB create_gcov在kernel6.1上执行报错 autofdo Compiler I6FQCO 【22.03-LTS-SP1】【x86/arm】opengauss缺少安装依赖lsof opengauss-server DB I6I438 【x86】【deja】汇编失败：unsupported masking for `vcvtps2ph' gcc Compiler I6I47O 【x86】【deja】运行出现Segmentation fault gcc Compiler I6ISTD [22.03-sp1]执行iscsiadm -m node -p 127.0.0.1 -u命令失败，内核报错 kernel Kernel 社区待修复漏洞： openEuler社区根据漏洞严重等级采取差异化的修复策略，请各个SIG 关注涉及CVE组件的修复情况。严重等级（Severity Rating）漏洞修复时长致命（Critical） 7天高（High） 14天中（Medium） 30天低（Low） 30天可参考社区安全委员会漏洞：https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE… 近14天将超期CVE（3.19日数据）: 漏洞编号 Issue ID 剩余天数 CVSS评分软件包责任SIG CVE-2023-0662 I6FWA8 0.13 5.3 php Base-service CVE-2023-0567 I6FXSZ 0.2 6.2 php Base-service CVE-2019-17003 I6FZ58 0.45 6.1 thunderbird sig-desktop-apps CVE-2023-23039 I6H8H5 6.02 5.7 risc-v-kernel sig-RISC-V CVE-2021-33367 I6H8GO 6.02 5.5 freeimage dev-utils CVE-2023-26464 I6MI3U 7.87 7.5 log4j12 Application CVE-2021-3329 I6HUIN 9.2 6.5 zephyr 　 CVE-2023-1055 I6I76Q 10.33 5.5 three-eight-nine-ds-base Application CVE-2023-1076 I6I7UH 10.58 4.7 risc-v-kernel sig-RISC-V CVE-2023-1079 I6I7UE 10.58 0.0 risc-v-kernel sig-RISC-V CVE-2023-1074 I6I7UD 10.58 4.7 risc-v-kernel sig-RISC-V CVE-2023-1079 I6I7U9 10.58 6.8 kernel Kernel CVE-2023-1075 I6I7U8 10.58 0.0 risc-v-kernel sig-RISC-V CVE-2023-1075 I6I7U2 10.58 2.5 kernel Kernel CVE-2023-24533 I6LIQ9 10.8 7.5 golang sig-golang CVE-2023-27781 I6NIU2 10.81 7.8 jpegoptim Application CVE-2023-1073 I6IFV4 11.12 6.3 kernel Kernel CVE-2023-1095 I6IK9V 11.45 5.5 risc-v-kernel sig-RISC-V CVE-2023-1095 I6IK9U 11.45 5.5 kernel Kernel CVE-2023-1018 I6IKCI 11.7 5.5 libtpms sig-security-facility CVE-2020-12413 I6IKCQ 11.72 5.9 firefox Application CVE-2023-22999 I6IKXV 11.81 5.5 risc-v-kernel sig-RISC-V CVE-2023-22997 I6IKXC 11.81 5.5 risc-v-kernel sig-RISC-V CVE-2023-22998 I6IKWZ 11.81 5.5 risc-v-kernel sig-RISC-V CVE-2023-22999 I6IKWS 11.81 5.5 kernel Kernel CVE-2023-22996 I6IKWQ 11.81 5.5 risc-v-kernel sig-RISC-V CVE-2023-22997 I6IKWJ 11.81 5.5 kernel Kernel CVE-2023-22998 I6IKWF 11.81 5.5 kernel Kernel CVE-2023-22996 I6IKWB 11.81 5.5 kernel Kernel CVE-2022-36021 I6IRS4 12.08 5.5 redis Others CVE-2022-36021 I6IRRY 12.08 5.5 redis6 sig-bigdata CVE-2022-36021 I6IRRU 12.08 5.5 redis5 sig-bigdata CVE-2023-25155 I6IRPL 12.08 6.5 redis Others CVE-2023-25155 I6IRP9 12.08 6.5 redis6 sig-bigdata CVE-2023-25155 I6IROQ 12.08 6.5 redis5 sig-bigdata CVE-2019-14576 I6ISX4 12.12 0.0 edk2 Virt CVE-2019-14561 I6ISWY 12.12 0.0 edk2 Virt CVE-2023-22462 I6ITUB 12.16 5.4 grafana Application CVE-2023-0594 I6IVYK 12.45 5.4 grafana Application CVE-2023-0507 I6IVYI 12.45 5.4 grafana Application CVE-2023-23004 I6IXRY 12.85 5.5 risc-v-kernel sig-RISC-V CVE-2023-23006 I6IXRQ 12.85 5.5 risc-v-kernel sig-RISC-V CVE-2023-23002 I6IXRB 12.85 5.5 risc-v-kernel sig-RISC-V CVE-2023-23005 I6IXQX 12.85 5.5 risc-v-kernel sig-RISC-V CVE-2023-23004 I6IXPT 12.85 5.5 kernel Kernel CVE-2023-23006 I6IXPJ 12.85 5.5 kernel Kernel CVE-2023-23002 I6IXOH 12.85 5.5 kernel Kernel CVE-2023-23005 I6IXO8 12.85 5.5 kernel Kernel CVE-2023-23001 I6IXNW 12.85 5.5 kernel Kernel CVE-2022-39188 I5QVT3 13.81 4.7 kernel Kernel CVE-2023-1161 I6JJJE 14.45 6.5 wireshark Application openEuler 社区指导文档及开放平台链接： openEuler 版本分支维护规范： https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%… openEuler release-management 版本分支PR指导： https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%… 社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/839f952696f271f83c018ccf3218cf493b92d65… 社区QA 测试平台 radiates https://radiatest.openeuler.org<https://radiatest.openeuler.org/> 沐钰莹（openEuler release SIG） Mobile: +86 15651995918 中国(China)-杭州(Hangzhou)-滨江区江淑路360号华为杭州研发中心 HUAWEI , Jiangshu Road., Binjiang District, Hangzhou, P.R.China E-mail: muyuying1(a)huawei.com<mailto:muyuying1@huawei.com> [cid:image004.png@01D95A6A.D96776D0]Open Source OS for Digital Infrastructure 本邮件及其附件含有华为公司的保密信息，仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形式使用（包括但不限于全部或部分地泄露、复制、或散发）本邮件中的信息。如果您错收了本邮件，请您立即电话或邮件通知发件人并删除本邮件！ This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it

1 0

openEuler update_20230308版本发布公告
by muyuying 12 Mar '23

12 Mar '23

Dear all，经社区Release SIG、QA SIG及 CICD SIG 评估，openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3及openEuler-22.03-LTS update版本满足版本出口质量，现进行发布公示。本公示分为五部分： 1、openEuler-20.03-LTS-SP1 Update 20230308发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20230308发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20230308发布情况及待修复缺陷 4、openEuler-22.03-LTS-SP1 Update 20230308发布情况及待修复缺陷 5、openEuler 关键组件待修复CVE 清单 6、openEuler 社区指导文档及开放平台链接本次update版本发布后，下一个版本里程碑点（预计在2023/03/19）提供 update_ 20230315 版本。 openEuler-20.03-LTS-SP1 Update 20230308 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP1修复版本已知问题2个，已知漏洞11个。目前版本分支剩余待修复缺陷36个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6JXVB?from=project-i… CVE修复： CVE 仓库 score CVE-2023-24998 apache-commons-fileupload 7.5 CVE-2022-37705 amanda 6.7 CVE-2022-37704 amanda 6.7 CVE-2023-0461 kernel 1 CVE-2023-1073 kernel 1 CVE-2023-1076 kernel 1 CVE-2023-1078 kernel 1 CVE-2023-1095 kernel 1 CVE-2023-1118 kernel 1 CVE-2023-23000 kernel 1 CVE-2023-26607 kernel 7.1 Bugfix： issue 仓库 #I6L1MK:update_20230308 fix ipnetns attach failed iproute #I6KOXL:[openEuler-1.0-LTS] dhugetlb: use mutex lock in update_reserve_pages() kernel openEuler-20.03-LTS-SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol openEuler-20.03-LTS-SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I281C1 【fuzz】runtime error: libsass Base-service I437CR [SP1][arm/x86]obs-server包下11个服务启动关闭，出现报错 obs-server Others I43OSX [clamav] 执行clamscan --statistics pcre命令会出现error，但是最终返回码为0 clamav Others I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I4F8YQ integer overflow in start_input_bmp libjpeg-turbo Desktop I4F903 Unexpect-exit in start_input_tga libjpeg-turbo Desktop I4F913 Timeout in tjDecompress2 libjpeg-turbo Desktop I4G4A5 Undefine-shift in _bfd_safe_read_leb128 binutils Compiler I4G4B1 Integer overflow in print_vms_time binutils Compiler I4G4VY memleak in parse_gnu_debugaltlink binutils Compiler I4G4WF Heap-buffer-overflow in slurp_hppa_unwind_table binutils Compiler I4G4WW Use-after-free in make_qualified_name binutils Compiler I4G4X6 memleak in byte_get_little_endian binutils Compiler I4G4XF memleak in process_mips_specific binutils Compiler I4G4Y0 out-of-memory in vms_lib_read_index binutils Compiler I4G4YJ Heap-buffer-overflow in bfd_getl16 binutils Compiler I4G4YV Floating point exception in _bfd_vms_slurp_etir binutils Compiler I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后，getdap4命令的-i和-k参数使用异常 libdap sig-recycle I4K6ES stack-buffer-overflow in UINT32_Marshal libtpms sig-security-facility I4K6FU global-buffer-overflow in Array_Marshal libtpms sig-security-facility I4O16Z 【SP1_update/arm】安装kernel-4.19.90-2108版本有错误提示信息 kernel Kernel I5IG1V 【20.03-SP1】【x86/arm】epol源下的efl、efl-devel软件包安装报错，gpg检查失败 efl sig-compat-winapp I5IG6K 【20.03-SP1】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5JHX2 【20.03 SP1 update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I6975Y 【arm】--enable-bootstrap构建gcc失败 gcc Compiler I6AASB 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler I6AZZU 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler I6CBNA 【20.03 sp1 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CKZE 【arm】【deja】使用22.03 LTS-SP1发布源gcc 出现编译ICE:during GIMPLE pass: reassoc:internal compiler error: Segmentation fault gcc Compiler I6DRDY 【x86】【spec2017】-O3 -fipa-struct-reorg=5编译子项失败 gcc Compiler I6DUTF [22.03sp1lts][arm/x86] obsredis.service服务启动失败 obs-server Others I6EUHB create_gcov在kernel6.1上执行报错 autofdo Compiler I6FQCO 【22.03-LTS-SP1】【x86/arm】opengauss缺少安装依赖lsof opengauss-server DB I6I438 【x86】【deja】汇编失败：unsupported masking for `vcvtps2ph' gcc Compiler I6I47O 【x86】【deja】运行出现Segmentation fault gcc Compiler I6ISTD [22.03-sp1]执行iscsiadm -m node -p 127.0.0.1 -u命令失败，内核报错 kernel Kernel openEuler-20.03-LTS-SP3 Update 20230308 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP3修复版本已知问2个，已知漏洞12个。目前版本分支剩余待修复缺陷 10个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6JXVC?from=project-i… CVE修复：需求类型软件包优先级 CVE-2020-10775 ovirt-engine 5.3 CVE-2023-24998 apache-commons-fileupload 7.5 CVE-2022-37705 amanda 6.7 CVE-2022-37704 amanda 6.7 CVE-2023-0461 kernel 1 CVE-2023-1073 kernel 1 CVE-2023-1076 kernel 1 CVE-2023-1078 kernel 1 CVE-2023-1095 kernel 1 CVE-2023-1118 kernel 1 CVE-2023-23000 kernel 1 CVE-2023-26607 kernel 7.1 Bugfix： issue 仓库 #I6L1MK:update_20230308 fix ipnetns attach failed iproute #I6KOXL:[openEuler-1.0-LTS] dhugetlb: use mutex lock in update_reserve_pages() kernel openEuler-20.03-LTS-SP3版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol openEuler-20.03-LTS-SP3 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I5IGAS 【20.03-SP3】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5IGOR 【20.03-SP3】【x86/arm】epol源下的fluidsynth、fluidsynth-devel、fluidsynth-help软件包安装报错，gpg检查失败 fluidsynth Application I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败，导致mom-vdsm.service服务无法启动成功 vdsm oVirt I5LYJK 【20.03-sp3_update20220801】【x86】对内核版进行升级后，TCP_option_address安装异常 TCP_option_address Kernel I5XDXJ openeuler：20.03-sp3下lua-lunit0.5和lua5.3不匹配 mugen sig-QA I613DI 【20.03 SP3】当前最新版本的kernel、 oec-hardware、 openEuler-release三个包同时安装，虚拟机启动失败 openEuler-release Base-service I61LEV 【20.03 LTS SP3】【arm/x86】安装oscilloscope，然后执行oscilloscope -h报错 tuna Others I66BBJ [20.03-LTS-SP3]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I6CBL7 【20.03 sp3 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service openEuler-22.03-LTS Update 20230308 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题3个，已知漏洞4个。目前版本分支剩余待修复缺陷9个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6JXVD?from=project-i… CVE修复： CVE 仓库 score CVE-2022-37705 amanda 6.7 CVE-2022-37704 amanda 6.7 CVE-2023-24998 apache-commons-fileupload 7.5 CVE-2023-23009 libreswan 7.5 Bugfix： issue 仓库 #I6JA8U:【22.03 LTS update20230301】【arm/x86】unbound安装过程中有异常打印信息 unbound #I6L1MK:update_20230308 fix ipnetns attach failed iproute #I6L25Z:update_20230308 Multi-Version_OpenStack-Wallaby_openEuler-22.03-LTS分支修复openstack依赖问题 python-chardet openEuler-22.03-LTS版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I5JIA6 【22.03 LTS update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I5JPII 【22.03_update20220727】【x86/arm】ovirt-engine源码包本地自编译失败，缺少编译依赖ovirt-jboss-modules-maven-plugin ovirt-engine oVirt I665SM resize2fs出现csum不一致 kernel Kernel I66BDE [22.03-LTS]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I66KIH 【22.03 LTS update 20221214】【arm/x86】openstack-ironic-inspector.service服务stop失败 openstack-ironic-inspector sig-openstack I677QX 【22.03-LTS】【x86/arm】安装opengauss-server时报未找不着lsof命令错误 opengauss-server DB I6AG88 【22.03-LTS】【arm/x86】nvwa第一次卸载时有异常报错信息 nvwa sig-ops I6AGEG 【22.03-LTS-SP1】【arm/x86】nvwa第一次卸载时有异常报错信息 nvwa sig-ops I6CBPQ 【22.03 lts udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service openEuler-22.03-LTS SP1 Update 20230308 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题3个，已知漏洞12个。目前版本分支剩余待修复缺陷21个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6JXVA?from=project-i… CVE修复： CVE 仓库 score CVE-2023-22796 rubygem-activesupport 7.5 CVE-2022-37705 amanda 6.7 CVE-2022-37704 amanda 6.7 CVE-2022-3560 pesign 5.5 CVE-2023-0240 kernel 7.8 CVE-2023-0615 kernel 5.5 CVE-2023-0045 kernel 5.1 CVE-2023-20938 kernel 8.8 CVE-2023-23586 kernel 5.5 CVE-2022-47629 libksba 9.8 CVE-2023-23009 libreswan 7.5 CVE-2023-24998 apache-commons-fileupload 7.5 Bugfix： issue 仓库 #I6IQTA:openldap开启build_cross宏支持交叉编译 openldap #I6JA8U:【22.03 LTS update20230301】【arm/x86】unbound安装过程中有异常打印信息 unbound #I6L1MK:update_20230308 fix ipnetns attach failed iproute openEuler-22.03-LTS SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I657VS 【22.03_LTS_SP1_RC2】【x86/arm】dde-api不存在安全的编译选项PIE、STRIP dde-api sig-DDE I657VT 【22.03_LTS_SP1_RC2】【x86/arm】dde-daemon存在不安全的编译选项STRIP dde-daemon sig-DDE I657VX 【22.03_LTS_SP1_RC2】【x86/arm】deepin-dbus-generator不存在安全的编译选项PIE、STRIP deepin-dbus-generator sig-DDE I657W0 【22.03_LTS_SP1_RC2】【x86/arm】deepin-editor存在不安全的编译选项STRIP deepin-editor sig-DDE I657W3 【22.03_LTS_SP1_RC2】【x86/arm】deepin-graphics-driver-manager存在不安全的编译选项STRIP deepin-graphics-driver-manager sig-DDE I657W7 【22.03_LTS_SP1_RC2】【x86/arm】deepin-system-monitor存在不安全的编译选项STRIP deepin-system-monitor sig-DDE I6583U 【22.03_LTS_SP1_RC2】【x86/arm】startdde不存在安全的编译选项PIE、STRIP startdde sig-DDE I6975Y 【arm】--enable-bootstrap构建gcc失败 gcc Compiler I6AASB 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler I6AGEG 【22.03-LTS-SP1】【arm/x86】nvwa第一次卸载时有异常报错信息 nvwa sig-ops I6AZZU 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler I6CBPN 【22.03 lts sp1 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CKRQ 【22.03 SP1 update20230201】【arm/x86】ceph-selinux卸载过程中有异常打印信息 ceph sig-ceph I6CKZE 【arm】【deja】使用22.03 LTS-SP1发布源gcc 出现编译ICE:during GIMPLE pass: reassoc:internal compiler error: Segmentation fault gcc Compiler I6DRDY 【x86】【spec2017】-O3 -fipa-struct-reorg=5编译子项失败 gcc Compiler I6DUTF [22.03sp1lts][arm/x86] obsredis.service服务启动失败 obs-server Others I6EUHB create_gcov在kernel6.1上执行报错 autofdo Compiler I6FQCO 【22.03-LTS-SP1】【x86/arm】opengauss缺少安装依赖lsof opengauss-server DB I6I438 【x86】【deja】汇编失败：unsupported masking for `vcvtps2ph' gcc Compiler I6I47O 【x86】【deja】运行出现Segmentation fault gcc Compiler I6ISTD [22.03-sp1]执行iscsiadm -m node -p 127.0.0.1 -u命令失败，内核报错 kernel Kernel 社区待修复漏洞： openEuler社区根据漏洞严重等级采取差异化的修复策略，请各个SIG 关注涉及CVE组件的修复情况。严重等级（Severity Rating）漏洞修复时长致命（Critical） 7天高（High） 14天中（Medium） 30天低（Low） 30天可参考社区安全委员会漏洞：https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE… 近14天将超期CVE: 漏洞编号 Issue ID 剩余天数 CVSS评分软件包责任SIG CVE-2023-26607 I6HWPB 0.64 7.1 risc-v-kernel sig-RISC-V CVE-2023-26605 I6HWOX 0.64 7.8 risc-v-kernel sig-RISC-V CVE-2023-26606 I6HWOO 0.64 7.8 risc-v-kernel sig-RISC-V CVE-2023-1077 I6I7UG 1.39 7.0 risc-v-kernel sig-RISC-V CVE-2023-22995 I6IEHV 1.89 7.8 risc-v-kernel sig-RISC-V CVE-2023-22995 I6IEH4 1.89 7.8 kernel Kernel CVE-2022-41723 I6IKBL 2.35 7.5 perl-Net-HTTP Programming-language CVE-2023-27371 I6IKCF 2.51 7.5 libmicrohttpd Application CVE-2023-1017 I6IUP1 3.01 7.8 libtpms sig-security-facility CVE-2022-25937 I6EUG8 3.1 6.5 openstack-glance sig-openstack CVE-2023-1118 I6IW01 3.53 7.8 kernel Kernel CVE-2023-23003 I6IXRI 3.66 7.8 risc-v-kernel sig-RISC-V CVE-2023-23003 I6IXPB 3.66 7.8 kernel Kernel CVE-2023-25730 I6F4RP 4.41 0.0 firefox Application CVE-2023-25739 I6F4RO 4.41 0.0 firefox Application CVE-2023-25736 I6F4RN 4.41 0.0 firefox Application CVE-2023-25738 I6F4RM 4.41 0.0 firefox Application CVE-2023-25731 I6F4RL 4.41 0.0 firefox Application CVE-2023-25735 I6F4RK 4.41 0.0 firefox Application CVE-2023-25740 I6F4RJ 4.41 0.0 firefox Application CVE-2023-25744 I6F4RI 4.41 0.0 firefox Application CVE-2023-25746 I6F4RH 4.41 0.0 firefox Application CVE-2023-25742 I6F4RG 4.41 0.0 firefox Application CVE-2023-25728 I6F4RF 4.41 0.0 firefox Application CVE-2023-25737 I6F4RE 4.41 0.0 firefox Application CVE-2023-25734 I6F4RD 4.41 0.0 firefox Application CVE-2023-25745 I6F4RA 4.41 0.0 firefox Application CVE-2023-25743 I6F4R8 4.41 0.0 firefox Application CVE-2023-25741 I6F4R6 4.41 0.0 firefox Application CVE-2023-25729 I6F4R2 4.41 0.0 firefox Application CVE-2023-25732 I6F4QX 4.41 0.0 firefox Application CVE-2023-25733 I6F4QT 4.41 0.0 firefox Application CVE-2023-0767 I6F4QN 4.41 0.0 firefox Application CVE-2022-27672 I6FB6C 4.91 4.7 kernel Kernel CVE-2022-38090 I6FDF4 5.03 4.4 microcode_ctl System-tool CVE-2022-33196 I6FDF2 5.03 6.7 microcode_ctl System-tool CVE-2023-23934 I6FDE3 5.03 3.5 python-werkzeug Programming-language CVE-2023-23918 I6GFMC 5.23 7.5 nodejs sig-nodejs CVE-2023-0778 I6FEKK 5.28 0.0 podman sig-CloudNative CVE-2016-3092 I6JLSA 5.72 7.5 struts sig-Java CVE-2023-20052 I6FMJU 5.95 0.0 clamav Others CVE-2023-0616 I6FOOO 6.14 0.0 thunderbird sig-desktop-apps CVE-2023-0662 I6FWA8 6.94 5.3 php Base-service CVE-2023-0567 I6FXSZ 7.01 0.0 php Base-service CVE-2023-23586 I6FYP9 7.14 5.5 kernel Kernel CVE-2019-17003 I6FZ58 7.26 6.1 thunderbird sig-desktop-apps CVE-2019-17003 I6FZ57 7.26 6.1 mozjs78 Desktop CVE-2019-17003 I6FZ56 7.26 6.1 firefox Application CVE-2023-26604 I6JZ81 7.63 7.8 systemd Base-service CVE-2022-36397 I6FZ5I 8.61 7.8 kernel Kernel CVE-2023-1220 I6KVOV 9.64 8.8 chromium Application CVE-2023-1227 I6KVOD 9.64 8.8 chromium Application CVE-2023-1219 I6KVLQ 9.64 8.8 chromium Application CVE-2023-1218 I6KVL8 9.64 8.8 chromium Application CVE-2023-1216 I6KVKV 9.64 8.8 chromium Application CVE-2023-1213 I6KYB7 9.76 8.8 chromium Application CVE-2023-1214 I6KYB6 9.76 8.8 chromium Application CVE-2023-23920 I6GGBS 10.08 4.2 nodejs sig-nodejs CVE-2021-33639 I6H235 12.02 0.0 risc-v-kernel sig-RISC-V CVE-2023-23039 I6H8HC 12.83 5.7 kernel Kernel CVE-2023-23039 I6H8H5 12.83 5.7 risc-v-kernel sig-RISC-V CVE-2021-33367 I6H8GO 12.83 5.5 freeimage dev-utils openEuler 社区指导文档及开放平台链接： openEuler 版本分支维护规范： https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%… openEuler release-management 版本分支PR指导： https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%… 社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/839f952696f271f83c018ccf3218cf493b92d65… 社区QA 测试平台 radiates https://radiatest.openeuler.org<https://radiatest.openeuler.org/> 沐钰莹（openEuler release SIG） Mobile: +86 15651995918 中国(China)-杭州(Hangzhou)-滨江区江淑路360号华为杭州研发中心 HUAWEI , Jiangshu Road., Binjiang District, Hangzhou, P.R.China E-mail: muyuying1(a)huawei.com<mailto:muyuying1@huawei.com> [cid:image004.png@01D95511.7855BC70]Open Source OS for Digital Infrastructure 本邮件及其附件含有华为公司的保密信息，仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形式使用（包括但不限于全部或部分地泄露、复制、或散发）本邮件中的信息。如果您错收了本邮件，请您立即电话或邮件通知发件人并删除本邮件！ This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it

1 0

openEuler update_20230301版本发布公告
by muyuying 05 Mar '23

05 Mar '23

Dear all，经社区Release SIG、QA SIG及 CICD SIG 评估，openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3及openEuler-22.03-LTS update版本满足版本出口质量，现进行发布公示。本公示分为五部分： 1、openEuler-20.03-LTS-SP1 Update 20230301发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20230301发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20230301发布情况及待修复缺陷 4、openEuler-22.03-LTS-SP1 Update 20230301发布情况及待修复缺陷 5、openEuler 关键组件待修复CVE 清单 6、openEuler 社区指导文档及开放平台链接本次update版本发布后，下一个版本里程碑点（预计在2023/03/11）提供 update_ 20230308 版本。 openEuler-20.03-LTS-SP1 Update 20230301 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP1修复版本已知问题5个，已知漏洞24个。目前版本分支剩余待修复缺陷43个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6HVKH?from=project-i… CVE修复：需求类型软件包优先级 CVE-2023-0687 glibc 9.8 CVE-2023-25153 containerd 5.5 CVE-2023-25173 containerd 7.8 CVE-2022-48337 emacs 7.8 CVE-2022-48338 emacs 7.3 CVE-2022-48339 emacs 7.3 CVE-2023-24580 python-django 7.5 CVE-2022-4304 nodejs 5.9 CVE-2022-4450 nodejs 7.5 CVE-2023-0215 nodejs 7.5 CVE-2023-0286 nodejs 7.4 CVE-2022-38266 leptonica 6.5 CVE-2023-0056 haproxy 4.3 CVE-2023-25725 haproxy 7.5 CVE-2022-37704 amanda 6.7 CVE-2022-37705 amanda 6.7 CVE-2021-33639 kernel 6.7 CVE-2023-26545 kernel 5.3 CVE-2020-10775 ovirt-engine 5.3 CVE-2022-4450 edk2 7.5 CVE-2023-0215 edk2 7.5 CVE-2023-0286 edk2 7.4 CVE-2023-0401 edk2 7.5 Bugfix： issue 仓库 #I6E9JM:例行分析python-urllib3补丁，需要补丁回合<https://gitee.com/open_euler/dashboard?issue_id=I6E9JM> python-urllib3 #I6AA06:【20.03-LTS-SP1-update-0111】【arm/x86】执行sosreport -a报错“TypeError: 'NoneType' object is not iterable”<https://gitee.com/open_euler/dashboard?issue_id=I6AA06> sos #I63KFX:自动化测试FC卡不显示FC卡的型号信息<https://gitee.com/open_euler/dashboard?issue_id=I63KFX> oec-hardware #I4RU21:回合社区补丁<https://gitee.com/open_euler/dashboard?issue_id=I4RU21> dnf-plugins-core #I6BO2R:【openEuler 1.0-LTS】【OLK-5.10】新增中断重入告警维测<https://gitee.com/open_euler/dashboard?issue_id=I6BO2R> kernel openEuler-20.03-LTS-SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol openEuler-20.03-LTS-SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I281C1 【fuzz】runtime error: libsass Base-service I437CR [SP1][arm/x86]obs-server包下11个服务启动关闭，出现报错 obs-server Others I43OSX [clamav] 执行clamscan --statistics pcre命令会出现error，但是最终返回码为0 clamav Others I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I490MU Uncaught exception in get_tokens_unprocessed python-pygments Programming-language I4F8YQ integer overflow in start_input_bmp libjpeg-turbo Desktop I4F903 Unexpect-exit in start_input_tga libjpeg-turbo Desktop I4F913 Timeout in tjDecompress2 libjpeg-turbo Desktop I4G4A5 Undefine-shift in _bfd_safe_read_leb128 binutils Compiler I4G4B1 Integer overflow in print_vms_time binutils Compiler I4G4VY memleak in parse_gnu_debugaltlink binutils Compiler I4G4WF Heap-buffer-overflow in slurp_hppa_unwind_table binutils Compiler I4G4WW Use-after-free in make_qualified_name binutils Compiler I4G4X6 memleak in byte_get_little_endian binutils Compiler I4G4XF memleak in process_mips_specific binutils Compiler I4G4Y0 out-of-memory in vms_lib_read_index binutils Compiler I4G4YJ Heap-buffer-overflow in bfd_getl16 binutils Compiler I4G4YV Floating point exception in _bfd_vms_slurp_etir binutils Compiler I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后，getdap4命令的-i和-k参数使用异常 libdap sig-recycle I4JMG4 【20.03 SP1】【arm/x86】robotframework包的三个命令：libdoc、rebot、robot执行--help/-h/-?/--version，查看帮助信息和版本信息，返回值为251 python-robotframework sig-ROS I4K6ES stack-buffer-overflow in UINT32_Marshal libtpms sig-security-facility I4K6FU global-buffer-overflow in Array_Marshal libtpms sig-security-facility I4K6R7 memleak in wrap_nettle_mpi_init gnutls sig-security-facility I4K6UI Timeout in _asn1_find_up gnutls sig-security-facility I4O16Z 【SP1_update/arm】安装kernel-4.19.90-2108版本有错误提示信息 kernel Kernel I4QV6N 【openEuler-20.03-LTS-SP1】flink命令执行失败 flink sig-bigdata I5IG1V 【20.03-SP1】【x86/arm】epol源下的efl、efl-devel软件包安装报错，gpg检查失败 efl sig-compat-winapp I5IG6K 【20.03-SP1】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5JHX2 【20.03 SP1 update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I6975Y 【arm】--enable-bootstrap构建gcc失败 gcc Compiler I6AASB 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler I6AZZU 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler I6CBNA 【20.03 sp1 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CKZE 【arm】【deja】使用22.03 LTS-SP1发布源gcc 出现编译ICE:during GIMPLE pass: reassoc:internal compiler error: Segmentation fault gcc Compiler I6DRDY 【x86】【spec2017】-O3 -fipa-struct-reorg=5编译子项失败 gcc Compiler I6DUTF [22.03sp1lts][arm/x86] obsredis.service服务启动失败 obs-server Others I6EUHB create_gcov在kernel6.1上执行报错 autofdo Compiler I6FQCO 【22.03-LTS-SP1】【x86/arm】opengauss缺少安装依赖lsof opengauss-server DB I6I438 【x86】【deja】汇编失败：unsupported masking for `vcvtps2ph' gcc Compiler I6I47O 【x86】【deja】运行出现Segmentation fault gcc Compiler I6ISTD [22.03-sp1]执行iscsiadm -m node -p 127.0.0.1 -u命令失败，内核报错 kernel Kernel I6IU04 【update20230228-22.03-lts-sp1】amcrypt-ossl 命令执行失败 amanda Application I6IU77 【update20230228-22.03-lts-sp1】amaespipe命令执行失败 amanda Application openEuler-20.03-LTS-SP3 Update 20230301 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP3修复版本已知问5个，已知漏洞23个。目前版本分支剩余待修复缺陷 14个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6HVKI?from=project-i… CVE修复：需求类型软件包优先级 CVE-2023-0687 glibc 9.8 CVE-2023-25153 containerd 5.5 CVE-2023-25173 containerd 7.8 CVE-2022-48337 emacs 7.8 CVE-2022-48338 emacs 7.3 CVE-2022-48339 emacs 7.3 CVE-2023-24580 python-django 7.5 CVE-2022-4304 nodejs 5.9 CVE-2022-4450 nodejs 7.5 CVE-2023-0215 nodejs 7.5 CVE-2023-0286 nodejs 7.4 CVE-2022-38266 leptonica 6.5 CVE-2023-0056 haproxy 4.3 CVE-2023-25725 haproxy 7.5 CVE-2022-37704 amanda 6.7 CVE-2022-37705 amanda 6.7 CVE-2021-33639 kernel 6.7 CVE-2023-26545 kernel 5.3 CVE-2020-10775 ovirt-engine 5.3 CVE-2022-4450 edk2 7.5 CVE-2023-0215 edk2 7.5 CVE-2023-0286 edk2 7.4 CVE-2023-0401 edk2 7.5 Bugfix： issue 仓库 #I6E9JM:例行分析python-urllib3补丁，需要补丁回合 python-urllib3 #I4RADS:【20.03-LTS-SP1】log4j升级失败 log4j #I63KFX:自动化测试FC卡不显示FC卡的型号信息 oec-hardware #I4RU21:回合社区补丁 dnf-plugins-core #I6BO2R:【openEuler 1.0-LTS】【OLK-5.10】新增中断重入告警维测 kernel openEuler-20.03-LTS-SP3版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol openEuler-20.03-LTS-SP3 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败 flink sig-bigdata I4UMEV [openEuler 20.03-LTS SP3]openEuler开启crash_kexec_post_notifiers后，panic通知链无法完全遍历 kernel Kernel I5IGAS 【20.03-SP3】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5IGOR 【20.03-SP3】【x86/arm】epol源下的fluidsynth、fluidsynth-devel、fluidsynth-help软件包安装报错，gpg检查失败 fluidsynth Application I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败，导致mom-vdsm.service服务无法启动成功 vdsm oVirt I5LYJK 【20.03-sp3_update20220801】【x86】对内核版进行升级后，TCP_option_address安装异常 TCP_option_address Kernel I5XDXJ openeuler：20.03-sp3下lua-lunit0.5和lua5.3不匹配 mugen sig-QA I613DI 【20.03 SP3】当前最新版本的kernel、 oec-hardware、 openEuler-release三个包同时安装，虚拟机启动失败 openEuler-release Base-service I61LEV 【20.03 LTS SP3】【arm/x86】安装oscilloscope，然后执行oscilloscope -h报错 tuna Others I66BBJ [20.03-LTS-SP3]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I6CBL7 【20.03 sp3 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6ITY0 【update20230228-20.03-lts-sp3】amcrypt-ossl 命令执行失败 amanda Application I6IUAO 【update20230228-20.03-lts-sp3】amaespipe命令执行失败 amanda Application openEuler-22.03-LTS Update 20230301 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题5个，已知漏洞29个。目前版本分支剩余待修复缺陷11个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6HVKJ?from=project-i… CVE修复： CVE 仓库 score CVE-2023-0687 glibc 9.8 CVE-2023-25153 containerd 5.5 CVE-2023-25173 containerd 7.8 CVE-2022-48337 emacs 7.8 CVE-2022-48338 emacs 7.3 CVE-2022-48339 emacs 7.3 CVE-2023-22796 rubygem-activesupport 7.5 CVE-2022-44566 rubygem-activerecord 7.5 CVE-2023-22794 rubygem-activerecord 8.8 CVE-2023-24580 python-django 7.5 CVE-2022-4304 nodejs 5.9 CVE-2022-4450 nodejs 7.5 CVE-2023-0215 nodejs 7.5 CVE-2023-0286 nodejs 7.4 CVE-2022-38266 leptonica 6.5 CVE-2023-0056 haproxy 4.3 CVE-2023-25725 haproxy 7.5 CVE-2023-26081 epiphany 0 CVE-2022-37704 amanda 6.7 CVE-2022-37705 amanda 6.7 CVE-2021-33639 kernel 6.7 CVE-2023-0597 kernel 5.5 CVE-2023-0615 kernel 5.5 CVE-2020-10775 ovirt-engine 5.3 CVE-2022-44789 mujs 8.8 CVE-2022-4450 edk2 7.5 CVE-2023-0215 edk2 7.5 CVE-2023-0286 edk2 7.4 CVE-2023-0401 edk2 7.5 Bugfix： issue 仓库 #I6E9JM:例行分析python-urllib3补丁，需要补丁回合 python-urllib3 #I6GM47:openEuler-22.03-LTS-SP1分支unbound为何未合入社区已知#610 #611问题 unbound #I63KFX:自动化测试FC卡不显示FC卡的型号信息 oec-hardware #I57PCI:python3-dnf-plugin-post-transaction-actions子包缺少目录 dnf-plugins-core #I6IRK0:update_0301 避免全量升级出现文件冲突 cups openEuler-22.03-LTS版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I5JIA6 【22.03 LTS update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I5JPII 【22.03_update20220727】【x86/arm】ovirt-engine源码包本地自编译失败，缺少编译依赖ovirt-jboss-modules-maven-plugin ovirt-engine oVirt I665SM resize2fs出现csum不一致 kernel Kernel I66BDE [22.03-LTS]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I66KIH 【22.03 LTS update 20221214】【arm/x86】openstack-ironic-inspector.service服务stop失败 openstack-ironic-inspector sig-openstack I677QX 【22.03-LTS】【x86/arm】安装opengauss-server时报未找不着lsof命令错误 opengauss-server DB I6AG88 【22.03-LTS】【arm/x86】nvwa第一次卸载时有异常报错信息 nvwa sig-ops I6AGEG 【22.03-LTS-SP1】【arm/x86】nvwa第一次卸载时有异常报错信息 nvwa sig-ops I6CBPQ 【22.03 lts udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6IU0H 【update20230228-22.03-lts】amcrypt-ossl 命令执行失败 amanda Application I6IU1P 【update20230228-22.03-lts】amaespipe命令执行失败 amanda Application openEuler-22.03-LTS SP1 Update 20230301 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题16个，已知漏洞24个。目前版本分支剩余待修复缺陷23个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6HVKG?from=project-i… CVE修复： CVE 仓库 score CVE-2023-0687 glibc 9.8 CVE-2023-25153 containerd 5.5 CVE-2023-25173 containerd 7.8 CVE-2022-48337 emacs 7.8 CVE-2022-48338 emacs 7.3 CVE-2022-48339 emacs 7.3 CVE-2022-44566 rubygem-activerecord 7.5 CVE-2023-22794 rubygem-activerecord 8.8 CVE-2023-24580 python-django 7.5 CVE-2022-3560 pesign 5.5 CVE-2022-4304 nodejs 5.9 CVE-2022-4450 nodejs 7.5 CVE-2023-0215 nodejs 7.5 CVE-2023-0286 nodejs 7.4 CVE-2022-38266 leptonica 6.5 CVE-2023-0056 haproxy 4.3 CVE-2023-25725 haproxy 7.5 CVE-2022-37704 amanda 6.7 CVE-2022-37705 amanda 6.7 CVE-2022-44789 mujs 8.8 CVE-2022-4450 edk2 7.5 CVE-2023-0215 edk2 7.5 CVE-2023-0286 edk2 7.4 CVE-2023-0401 edk2 7.5 Bugfix： issue 仓库 #I6FF6H:glib2社区补丁回合 glib2 #I6CA2Y:update_20230201-修复glib2-static安装时找不到sysprof-capture-static安装依赖 sysprof #I6HRK9:删除.a库文件并添加make依赖 c-ares #I6HL17:samba 22.03-LTS-SP1升级 samba #I6CGPC:verdor.obscpio文件包缺少stringio-3.0.1.gem obs-bundled-gems #I6GM47:openEuler-22.03-LTS-SP1分支unbound为何未合入社区已知#610 #611问题 unbound #I63KFX:自动化测试FC卡不显示FC卡的型号信息 oec-hardware #I6IRWV:update-0301 fix update conflict of devel and help cups #I6IS21:update-0301 disable static library libXxf86vm #I6GJ7I:安装摘要信息引导界面--root密码输入框，密码输入框眼睛图标含义未汉化 anaconda #I5WLDC:Upgrade to latest release [dnf-plugins-core: 4.0.24 -> 4.3.1] dnf-plugins-core #I6I9HY:delete static library libtirpc #I6IAVJ:delete static library ipset #I6IBB9:delete static library nghttp2 #I6IBLQ:delete static library libdnet #I6E9JM:例行分析python-urllib3补丁，需要补丁回合 python-urllib3 openEuler-22.03-LTS SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I657VS 【22.03_LTS_SP1_RC2】【x86/arm】dde-api存在不安全的编译选项PIE、STRIP dde-api sig-DDE I657VT 【22.03_LTS_SP1_RC2】【x86/arm】dde-daemon存在不安全的编译选项STRIP dde-daemon sig-DDE I657VX 【22.03_LTS_SP1_RC2】【x86/arm】deepin-dbus-generator存在不安全的编译选项PIE、STRIP deepin-dbus-generator sig-DDE I657W0 【22.03_LTS_SP1_RC2】【x86/arm】deepin-editor存在不安全的编译选项STRIP deepin-editor sig-DDE I657W3 【22.03_LTS_SP1_RC2】【x86/arm】deepin-graphics-driver-manager存在不安全的编译选项STRIP deepin-graphics-driver-manager sig-DDE I657W7 【22.03_LTS_SP1_RC2】【x86/arm】deepin-system-monitor存在不安全的编译选项STRIP deepin-system-monitor sig-DDE I6583U 【22.03_LTS_SP1_RC2】【x86/arm】startdde存在不安全的编译选项PIE、STRIP startdde sig-DDE I6975Y 【arm】--enable-bootstrap构建gcc失败 gcc Compiler I6AASB 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler I6AGEG 【22.03-LTS-SP1】【arm/x86】nvwa第一次卸载时有异常报错信息 nvwa sig-ops I6AZZU 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler I6CBPN 【22.03 lts sp1 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CKRQ 【22.03 SP1 update20230201】【arm/x86】ceph-selinux卸载过程中有异常打印信息 ceph sig-ceph I6CKZE 【arm】【deja】使用22.03 LTS-SP1发布源gcc 出现编译ICE:during GIMPLE pass: reassoc:internal compiler error: Segmentation fault gcc Compiler I6DRDY 【x86】【spec2017】-O3 -fipa-struct-reorg=5编译子项失败 gcc Compiler I6DUTF [22.03sp1lts][arm/x86] obsredis.service服务启动失败 obs-server Others I6EUHB create_gcov在kernel6.1上执行报错 autofdo Compiler I6FQCO 【22.03-LTS-SP1】【x86/arm】opengauss缺少安装依赖lsof opengauss-server DB I6I438 【x86】【deja】汇编失败：unsupported masking for `vcvtps2ph' gcc Compiler I6I47O 【x86】【deja】运行出现Segmentation fault gcc Compiler I6ISTD [22.03-sp1]执行iscsiadm -m node -p 127.0.0.1 -u命令失败，内核报错 kernel Kernel I6IU04 【update20230228-22.03-lts-sp1】amcrypt-ossl 命令执行失败 amanda Application I6IU77 【update20230228-22.03-lts-sp1】amaespipe命令执行失败 amanda Application 社区待修复漏洞： openEuler社区根据漏洞严重等级采取差异化的修复策略，请各个SIG 关注涉及CVE组件的修复情况。严重等级（Severity Rating）漏洞修复时长致命（Critical） 7天高（High） 14天中（Medium） 30天低（Low） 30天可参考社区安全委员会漏洞：https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE… 近14天将超期CVE: 漏洞编号 Issue ID 剩余天数 CVSS评分软件包责任SIG CVE-2023-23919 I6GFMF 1.26 7.5 nodejs sig-nodejs CVE-2023-23918 I6GFMC 1.26 7.5 nodejs sig-nodejs CVE-2023-24998 I6GH6P 1.55 7.5 apache-commons-fileupload dev-utils CVE-2023-26242 I6GMYX 2.11 7.8 risc-v-kernel sig-RISC-V CVE-2022-48340 I6GQAI 2.26 7.5 glusterfs Storage CVE-2023-23009 I6GTCD 2.91 7.5 libreswan System-tool CVE-2023-26314 I6GYV6 3.14 8.8 mono Base-service CVE-2022-4384 I6DBAC 3.84 6.5 stream CVE-2023-25586 I6DKU7 4.66 0.0 mingw-binutils sig-compat-winapp CVE-2023-25586 I6DKU4 4.66 0.0 binutils Compiler CVE-2022-4304 I6DKV8 4.68 5.9 edk2 Virt CVE-2022-4203 I6DKUZ 4.68 0.0 compat-openssl11 CVE-2023-25585 I6DKUW 4.68 0.0 mingw-binutils sig-compat-winapp CVE-2023-25587 I6DKUV 4.68 0.0 mingw-binutils sig-compat-winapp CVE-2022-4203 I6DKUU 4.68 0.0 edk2 Virt CVE-2023-25585 I6DKUP 4.68 0.0 binutils Compiler CVE-2023-25587 I6DKUO 4.68 0.0 binutils Compiler CVE-2022-4304 I6DKUI 4.68 5.9 compat-openssl11 CVE-2023-25584 I6DSPJ 5.26 0.0 binutils Compiler CVE-2023-25588 I6DSPH 5.26 0.0 mingw-binutils sig-compat-winapp CVE-2023-25584 I6DSPB 5.26 0.0 mingw-binutils sig-compat-winapp CVE-2023-25588 I6DSP8 5.26 0.0 binutils Compiler CVE-2023-21864 I6DZ7V 6.11 4.9 mysql Others CVE-2023-21870 I6DZ7O 6.11 4.9 mysql Others CVE-2023-21866 I6DZ7K 6.11 4.9 mysql Others CVE-2023-21874 I6DZ7A 6.11 2.7 mysql Others CVE-2023-21868 I6DZ76 6.11 6.5 mysql Others CVE-2023-21863 I6DZ6V 6.11 4.9 mysql Others CVE-2023-21869 I6DZ6M 6.11 5.5 mysql Others CVE-2023-21836 I6DZ9K 6.12 4.9 mysql Others CVE-2023-21871 I6DZ99 6.12 4.9 mysql Others CVE-2023-21865 I6DZ8X 6.12 4.9 mysql Others CVE-2023-21872 I6DZ8C 6.12 5.5 mysql Others CVE-2023-21867 I6DZ84 6.12 4.9 mysql Others CVE-2023-21873 I6DZ7Z 6.12 4.9 mysql Others CVE-2023-25166 I6E2G8 6.26 6.5 python-odo sig-python-modules CVE-2022-41862 I6E3MO 6.51 0.0 postgresql DB CVE-2023-20938 I6DKVG 8.15 8.8 kernel Kernel CVE-2023-1077 I6I7UG 8.64 7.0 risc-v-kernel sig-RISC-V CVE-2023-1077 I6I7UB 8.64 7.0 kernel Kernel CVE-2022-25937 I6EUG8 10.35 6.5 openstack-glance sig-openstack CVE-2023-0767 I6F4QN 11.65 0.0 firefox Application CVE-2023-25730 I6F4RP 11.66 0.0 firefox Application CVE-2023-25739 I6F4RO 11.66 0.0 firefox Application CVE-2023-25736 I6F4RN 11.66 0.0 firefox Application CVE-2023-25738 I6F4RM 11.66 0.0 firefox Application CVE-2023-25731 I6F4RL 11.66 0.0 firefox Application CVE-2023-25735 I6F4RK 11.66 0.0 firefox Application CVE-2023-25740 I6F4RJ 11.66 0.0 firefox Application CVE-2023-25744 I6F4RI 11.66 0.0 firefox Application CVE-2023-25746 I6F4RH 11.66 0.0 firefox Application CVE-2023-25742 I6F4RG 11.66 0.0 firefox Application CVE-2023-25728 I6F4RF 11.66 0.0 firefox Application CVE-2023-25737 I6F4RE 11.66 0.0 firefox Application CVE-2023-25734 I6F4RD 11.66 0.0 firefox Application CVE-2023-25745 I6F4RA 11.66 0.0 firefox Application CVE-2023-25743 I6F4R8 11.66 0.0 firefox Application CVE-2023-25741 I6F4R6 11.66 0.0 firefox Application CVE-2023-25729 I6F4R2 11.66 0.0 firefox Application CVE-2023-25732 I6F4QX 11.66 0.0 firefox Application CVE-2023-25733 I6F4QT 11.66 0.0 firefox Application CVE-2023-26242 I6GMYH 11.86 7.8 kernel Kernel CVE-2022-27672 I6FB6C 12.16 0.0 kernel Kernel CVE-2022-38090 I6FDF4 12.28 0.0 microcode_ctl System-tool CVE-2022-33196 I6FDF2 12.28 0.0 microcode_ctl System-tool CVE-2023-23934 I6FDE3 12.28 3.5 python-werkzeug Programming-language CVE-2023-0778 I6FEKK 12.53 0.0 podman sig-CloudNative CVE-2016-3092 I6JLSA 12.97 7.5 struts sig-Java CVE-2023-20052 I6FMJU 13.2 0.0 clamav Others CVE-2023-20032 I6FMJ3 13.2 0.0 clamav Others CVE-2023-0616 I6FOOO 13.39 0.0 thunderbird sig-desktop-apps openEuler 社区指导文档及开放平台链接： openEuler 版本分支维护规范： https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%… openEuler release-management 版本分支PR指导： https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%… 社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/839f952696f271f83c018ccf3218cf493b92d65… 社区QA 测试平台 radiates https://radiatest.openeuler.org<https://radiatest.openeuler.org/> 沐钰莹（openEuler release SIG） Mobile: +86 15651995918 中国(China)-杭州(Hangzhou)-滨江区江淑路360号华为杭州研发中心 HUAWEI , Jiangshu Road., Binjiang District, Hangzhou, P.R.China E-mail: muyuying1(a)huawei.com<mailto:muyuying1@huawei.com> [cid:image004.png@01D94F60.32558360]Open Source OS for Digital Infrastructure 本邮件及其附件含有华为公司的保密信息，仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形式使用（包括但不限于全部或部分地泄露、复制、或散发）本邮件中的信息。如果您错收了本邮件，请您立即电话或邮件通知发件人并删除本邮件！ This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it

1 0

openEuler update_20230222版本发布公告
by muyuying 26 Feb '23

26 Feb '23

Dear all，经社区Release SIG、QA SIG及 CICD SIG 评估，openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3及openEuler-22.03-LTS update版本满足版本出口质量，现进行发布公示。本公示分为五部分： 1、openEuler-20.03-LTS-SP1 Update 20230222发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20230222发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20230222发布情况及待修复缺陷 4、openEuler-22.03-LTS-SP1 Update 20230222发布情况及待修复缺陷 5、openEuler 关键组件待修复CVE 清单 6、openEuler 社区指导文档及开放平台链接本次update版本发布后，下一个版本里程碑点（预计在2023/03/05）提供 update_ 20230301 版本。 openEuler-20.03-LTS-SP1 Update 20230222 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP1修复版本已知问题4个，已知漏洞22个。目前版本分支剩余待修复缺陷39个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6G5JO?from=project-i… CVE修复： CVE 仓库 score CVE-2023-23946 git 6.2 CVE-2023-22490 git 5.5 CVE-2023-0361 gnutls 5.9 CVE-2023-0286 shim 7.4 CVE-2022-46663 less 5.5 CVE-2023-23916 curl 6.5 CVE-2023-0804 libtiff 5.5 CVE-2023-0803 libtiff 5.5 CVE-2023-0802 libtiff 5.5 CVE-2023-0801 libtiff 5.5 CVE-2023-0800 libtiff 5.5 CVE-2023-0799 libtiff 5.5 CVE-2023-0798 libtiff 5.5 CVE-2023-0797 libtiff 5.5 CVE-2023-0796 libtiff 5.5 CVE-2023-0795 libtiff 5.5 CVE-2023-25567 gssntlmssp 7.5 CVE-2023-25565 gssntlmssp 7.5 CVE-2023-25564 gssntlmssp 6.5 CVE-2022-3560 pesign 5.5 CVE-2020-10775 ovirt-engine 5.3 CVE-2023-0494 xorg-x11-server 7.8 Bugfix： issue 仓库 #I6FFRD:grub2-common软件包删除与grubby软件包重复的脚本文件/usr/sbin/installkernel grub2 #I5Z32F:【openEuler-1.0-LTS】bonding 支持MPLS特性 kernel #I6EXS8:例行分析dnf补丁，需要补丁回合 dnf #I6GDU3:backport-CVE-2022-48281.patch上下文匹配出错，需修改 libtiff openEuler-20.03-LTS-SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol openEuler-20.03-LTS-SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I281C1 【fuzz】runtime error: libsass Base-service I437CR [SP1][arm/x86]obs-server包下11个服务启动关闭，出现报错 obs-server Others I43OSX [clamav] 执行clamscan --statistics pcre命令会出现error，但是最终返回码为0 clamav Others I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I490MU Uncaught exception in get_tokens_unprocessed python-pygments Programming-language I4F8YQ integer overflow in start_input_bmp libjpeg-turbo Desktop I4F903 Unexpect-exit in start_input_tga libjpeg-turbo Desktop I4F913 Timeout in tjDecompress2 libjpeg-turbo Desktop I4G4A5 Undefine-shift in _bfd_safe_read_leb128 binutils Compiler I4G4B1 Integer overflow in print_vms_time binutils Compiler I4G4VY memleak in parse_gnu_debugaltlink binutils Compiler I4G4WF Heap-buffer-overflow in slurp_hppa_unwind_table binutils Compiler I4G4WW Use-after-free in make_qualified_name binutils Compiler I4G4X6 memleak in byte_get_little_endian binutils Compiler I4G4XF memleak in process_mips_specific binutils Compiler I4G4Y0 out-of-memory in vms_lib_read_index binutils Compiler I4G4YJ Heap-buffer-overflow in bfd_getl16 binutils Compiler I4G4YV Floating point exception in _bfd_vms_slurp_etir binutils Compiler I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后，getdap4命令的-i和-k参数使用异常 libdap sig-recycle I4JMG4 【20.03 SP1】【arm/x86】robotframework包的三个命令：libdoc、rebot、robot执行--help/-h/-?/--version，查看帮助信息和版本信息，返回值为251 python-robotframework sig-ROS I4K6ES stack-buffer-overflow in UINT32_Marshal libtpms sig-security-facility I4K6FU global-buffer-overflow in Array_Marshal libtpms sig-security-facility I4K6R7 memleak in wrap_nettle_mpi_init gnutls sig-security-facility I4K6UI Timeout in _asn1_find_up gnutls sig-security-facility I4O16Z 【SP1_update/arm】安装kernel-4.19.90-2108版本有错误提示信息 kernel Kernel I4QV6N 【openEuler-20.03-LTS-SP1】flink命令执行失败 flink sig-bigdata I5IG1V 【20.03-SP1】【x86/arm】epol源下的efl、efl-devel软件包安装报错，gpg检查失败 efl sig-compat-winapp I5IG6K 【20.03-SP1】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5JHX2 【20.03 SP1 update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I6975Y 【arm】--enable-bootstrap构建gcc失败 gcc Compiler I6AA06 【20.03-LTS-SP1-update-0111】【arm/x86】执行sosreport -a报错“TypeError: 'NoneType' object is not iterable” sos Base-service I6AASB 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler I6AZZU 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler I6CBNA 【20.03 sp1 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CKZE 【arm】【deja】使用22.03 LTS-SP1发布源gcc 出现编译ICE:during GIMPLE pass: reassoc:internal compiler error: Segmentation fault gcc Compiler I6DRDY 【x86】【spec2017】-O3 -fipa-struct-reorg=5编译子项失败 gcc Compiler I6DUTF [22.03sp1lts][arm/x86] obsredis.service服务启动失败 obs-server Others I6EUHB create_gcov在kernel6.1上执行报错 autofdo Compiler I6FQCO 【22.03-LTS-SP1】【x86/arm】opengauss缺少安装依赖lsof opengauss-server DB openEuler-20.03-LTS-SP3 Update 20230222 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP3修复版本已知问4个，已知漏洞23个。目前版本分支剩余待修复缺陷 13个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6G5JP?from=project-i… CVE修复：需求类型软件包 status 优先级 CVE-2023-0286 shim 已完成 7.4 CVE-2022-46663 less 已完成 5.5 CVE-2023-0361 gnutls 已完成 5.9 CVE-2023-22490 git 已完成 5.5 CVE-2023-23946 git 已完成 6.2 CVE-2023-0795 libtiff 已完成 5.5 CVE-2023-0796 libtiff 已完成 5.5 CVE-2023-0797 libtiff 已完成 5.5 CVE-2023-0798 libtiff 已完成 5.5 CVE-2023-0799 libtiff 已完成 5.5 CVE-2023-0800 libtiff 已完成 5.5 CVE-2023-0801 libtiff 已完成 5.5 CVE-2023-0802 libtiff 已完成 5.5 CVE-2023-0803 libtiff 已完成 5.5 CVE-2023-0804 libtiff 已完成 5.5 CVE-2023-23916 curl 已完成 6.5 CVE-2023-22796 rubygem-activesupport 已完成 7.5 CVE-2022-3560 pesign 已完成 5.5 CVE-2023-25564 gssntlmssp 已完成 6.5 CVE-2023-25565 gssntlmssp 已完成 7.5 CVE-2023-25567 gssntlmssp 已完成 7.5 CVE-2020-10775 ovirt-engine 已完成 5.3 CVE-2023-0494 xorg-x11-server 已完成 7.8 Bugfix： issue 仓库 #I6FFRD:grub2-common软件包删除与grubby软件包重复的脚本文件/usr/sbin/installkernel grub2 #I5Z32F:【openEuler-1.0-LTS】bonding 支持MPLS特性 kernel #I6EXS8:例行分析dnf补丁，需要补丁回合 dnf #I6GDU3:backport-CVE-2022-48281.patch上下文匹配出错，需修改 libtiff openEuler-20.03-LTS-SP3版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol openEuler-20.03-LTS-SP3 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败 flink sig-bigdata I4UMEV [openEuler 20.03-LTS SP3]openEuler开启crash_kexec_post_notifiers后，panic通知链无法完全遍历 kernel Kernel I5IGAS 【20.03-SP3】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5IGOR 【20.03-SP3】【x86/arm】epol源下的fluidsynth、fluidsynth-devel、fluidsynth-help软件包安装报错，gpg检查失败 fluidsynth Application I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败，导致mom-vdsm.service服务无法启动成功 vdsm oVirt I5LYJK 【20.03-sp3_update20220801】【x86】对内核版进行升级后，TCP_option_address安装异常 TCP_option_address Kernel I5XDXJ openeuler：20.03-sp3下lua-lunit0.5和lua5.3不匹配 mugen sig-QA I613DI 【20.03 SP3】当前最新版本的kernel、 oec-hardware、 openEuler-release三个包同时安装，虚拟机启动失败 openEuler-release Base-service I61LEV 【20.03 LTS SP3】【arm/x86】安装oscilloscope，然后执行oscilloscope -h报错 tuna Others I66BBJ [20.03-LTS-SP3]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I6CBL7 【20.03 sp3 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CTKO 【openEuler sp3】【arm】ltp执行用例memcg_stress失败 kernel Kernel openEuler-22.03-LTS Update 20230222 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题3个，已知漏洞25个。目前版本分支剩余待修复缺陷9个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6G5JQ?from=project-i… CVE修复： CVE 仓库 status score CVE-2023-0286 shim 已完成 7.4 CVE-2022-46663 less 已完成 5.5 CVE-2023-0361 gnutls 已完成 5.9 CVE-2023-22490 git 已完成 5.5 CVE-2023-23946 git 已完成 6.2 CVE-2022-24963 apr 已完成 9.8 CVE-2023-0795 libtiff 已完成 5.5 CVE-2023-0796 libtiff 已完成 5.5 CVE-2023-0797 libtiff 已完成 5.5 CVE-2023-0798 libtiff 已完成 5.5 CVE-2023-0799 libtiff 已完成 5.5 CVE-2023-0800 libtiff 已完成 5.5 CVE-2023-0801 libtiff 已完成 5.5 CVE-2023-0802 libtiff 已完成 5.5 CVE-2023-0803 libtiff 已完成 5.5 CVE-2023-0804 libtiff 已完成 5.5 CVE-2023-23914 curl 已完成 4.3 CVE-2023-23915 curl 已完成 4.3 CVE-2023-23916 curl 已完成 6.5 CVE-2022-3560 pesign 已完成 5.5 CVE-2023-25564 gssntlmssp 已完成 6.5 CVE-2023-25565 gssntlmssp 已完成 7.5 CVE-2023-25567 gssntlmssp 已完成 7.5 CVE-2020-10775 ovirt-engine 已完成 5.3 CVE-2023-0494 xorg-x11-server 已完成 7.8 Bugfix： issue 仓库 #I6D6JH:anaconda软件包补丁 anaconda #I6ELVA:例行分析dnf补丁，需要补丁回合 dnf #I6GDU3:backport-CVE-2022-48281.patch上下文匹配出错，需修改 libtiff openEuler-22.03-LTS版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I5JIA6 【22.03 LTS update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I5JPII 【22.03_update20220727】【x86/arm】ovirt-engine源码包本地自编译失败，缺少编译依赖ovirt-jboss-modules-maven-plugin ovirt-engine oVirt I665SM resize2fs出现csum不一致 kernel Kernel I66BDE [22.03-LTS]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I66KIH 【22.03 LTS update 20221214】【arm/x86】openstack-ironic-inspector.service服务stop失败 openstack-ironic-inspector sig-openstack I677QX 【22.03-LTS】【x86/arm】安装opengauss-server时报未找不着lsof命令错误 opengauss-server DB I6AG88 【22.03-LTS】【arm/x86】nvwa第一次卸载时有异常报错信息 nvwa sig-ops I6AGEG 【22.03-LTS-SP1】【arm/x86】nvwa第一次卸载时有异常报错信息 nvwa sig-ops I6CBPQ 【22.03 lts udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service openEuler-22.03-LTS SP1 Update 20230222 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题7个，已知漏洞33个。目前版本分支剩余待修复缺陷19个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6G5JN?from=project-i… CVE修复： CVE 仓库 status score CVE-2023-0286 shim 已完成 7.4 CVE-2022-46663 less 已完成 5.5 CVE-2023-0361 gnutls 已完成 5.9 CVE-2023-22490 git 已完成 5.5 CVE-2023-23946 git 已完成 6.2 CVE-2022-24963 apr 已完成 9.8 CVE-2023-0795 libtiff 已完成 5.5 CVE-2023-0796 libtiff 已完成 5.5 CVE-2023-0797 libtiff 已完成 5.5 CVE-2023-0798 libtiff 已完成 5.5 CVE-2023-0799 libtiff 已完成 5.5 CVE-2023-0800 libtiff 已完成 5.5 CVE-2023-0801 libtiff 已完成 5.5 CVE-2023-0802 libtiff 已完成 5.5 CVE-2023-0803 libtiff 已完成 5.5 CVE-2023-0804 libtiff 已完成 5.5 CVE-2023-23914 curl 已完成 4.3 CVE-2023-23915 curl 已完成 4.3 CVE-2023-23916 curl 已完成 6.5 CVE-2022-3724 wireshark 已完成 7.5 CVE-2022-4344 wireshark 已完成 4.3 CVE-2022-4345 wireshark 已完成 6.5 CVE-2023-0411 wireshark 已完成 6.5 CVE-2023-0412 wireshark 已完成 6.5 CVE-2023-0413 wireshark 已完成 6.5 CVE-2023-0415 wireshark 已完成 6.5 CVE-2023-0416 wireshark 已完成 6.5 CVE-2023-0417 wireshark 已完成 6.5 CVE-2022-3560 pesign 已完成 5.5 CVE-2023-25564 gssntlmssp 已完成 6.5 CVE-2023-25565 gssntlmssp 已完成 7.5 CVE-2023-25567 gssntlmssp 已完成 7.5 CVE-2023-0494 xorg-x11-server 已完成 7.8 Bugfix： issue 仓库 #I6FF1I:clean code oncn-bwm #I6G8W9:例行回合社区补丁 efibootmgr #I6FF6H:glib2社区补丁回合 glib2 #I66VIG:默认启动项中增加cgroup_disable=files anaconda #I6ELVA:例行分析dnf补丁，需要补丁回合 dnf #I6G6XJ:删除新增的dbus-tools安装依赖，不必特地写明依赖 initscripts #I6GDU3:backport-CVE-2022-48281.patch上下文匹配出错，需修改 libtiff openEuler-22.03-LTS SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I65688 【22.03_LTS_SP1_RC2】【x86/arm】biometric-authentication存在不安全的编译选项STRIP、RPATH biometric-authentication sig-UKUI I657VS 【22.03_LTS_SP1_RC2】【x86/arm】dde-api存在不安全的编译选项PIE、STRIP dde-api sig-DDE I657VT 【22.03_LTS_SP1_RC2】【x86/arm】dde-daemon存在不安全的编译选项STRIP dde-daemon sig-DDE I657VX 【22.03_LTS_SP1_RC2】【x86/arm】deepin-dbus-generator存在不安全的编译选项PIE、STRIP deepin-dbus-generator sig-DDE I657W0 【22.03_LTS_SP1_RC2】【x86/arm】deepin-editor存在不安全的编译选项STRIP deepin-editor sig-DDE I657W3 【22.03_LTS_SP1_RC2】【x86/arm】deepin-graphics-driver-manager存在不安全的编译选项STRIP deepin-graphics-driver-manager sig-DDE I657W7 【22.03_LTS_SP1_RC2】【x86/arm】deepin-system-monitor存在不安全的编译选项STRIP deepin-system-monitor sig-DDE I6583U 【22.03_LTS_SP1_RC2】【x86/arm】startdde存在不安全的编译选项PIE、STRIP startdde sig-DDE I6975Y 【arm】--enable-bootstrap构建gcc失败 gcc Compiler I6AASB 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler I6AGEG 【22.03-LTS-SP1】【arm/x86】nvwa第一次卸载时有异常报错信息 nvwa sig-ops I6AZZU 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler I6CBPN 【22.03 lts sp1 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CKRQ 【22.03 SP1 update20230201】【arm/x86】ceph-selinux卸载过程中有异常打印信息 ceph sig-ceph I6CKZE 【arm】【deja】使用22.03 LTS-SP1发布源gcc 出现编译ICE:during GIMPLE pass: reassoc:internal compiler error: Segmentation fault gcc Compiler I6DRDY 【x86】【spec2017】-O3 -fipa-struct-reorg=5编译子项失败 gcc Compiler I6DUTF [22.03sp1lts][arm/x86] obsredis.service服务启动失败 obs-server Others I6EUHB create_gcov在kernel6.1上执行报错 autofdo Compiler I6FQCO 【22.03-LTS-SP1】【x86/arm】opengauss缺少安装依赖lsof opengauss-server DB 社区待修复漏洞： openEuler社区根据漏洞严重等级采取差异化的修复策略，请各个SIG 关注涉及CVE组件的修复情况。严重等级（Severity Rating）漏洞修复时长致命（Critical） 7天高（High） 14天中（Medium） 30天低（Low） 30天可参考社区安全委员会漏洞：https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE… 近14天将超期CVE: 漏洞编号 Issue ID 剩余天数 CVSS评分软件包责任SIG CVE-2023-25577 I6FDDR 2.89 7.5 python-werkzeug Programming-language CVE-2022-37705 I6BTSW 3.0 0.0 amanda Application CVE-2023-22332 I6BU4U 3.12 6.5 pgpool2 DB CVE-2022-1922 I5D235 3.45 7.1 gstreamer1-plugins-good Others CVE-2022-1921 I5D213 3.45 7.8 gstreamer1-plugins-good Others CVE-2022-2122 I5D1ZP 3.45 7.1 gstreamer1-plugins-good Others CVE-2022-1920 I5D1Y3 3.45 7.8 gstreamer1-plugins-good Others CVE-2022-1923 I5D24F 3.46 7.1 gstreamer1-plugins-good Others CVE-2022-1925 I5D2FN 3.47 7.1 gstreamer1-plugins-good Others CVE-2022-1924 I5D2EE 3.47 7.1 gstreamer1-plugins-good Others CVE-2023-0687 I6DBA9 3.51 9.8 glibc Computing CVE-2023-0568 I6FMFH 3.81 7.5 php Base-service CVE-2023-22605 I6C2FM 3.87 0.0 mingw-binutils sig-compat-winapp CVE-2023-22608 I6C2FI 3.87 0.0 mingw-binutils sig-compat-winapp CVE-2023-22609 I6C2FH 3.87 0.0 binutils Compiler CVE-2023-22607 I6C2FD 3.87 0.0 mingw-binutils sig-compat-winapp CVE-2023-22606 I6C2F9 3.87 0.0 mingw-binutils sig-compat-winapp CVE-2023-22603 I6C2F5 3.87 0.0 mingw-binutils sig-compat-winapp CVE-2023-22604 I6C2F2 3.87 0.0 mingw-binutils sig-compat-winapp CVE-2023-22605 I6C2EY 3.87 0.0 binutils Compiler CVE-2023-22608 I6C2EW 3.87 0.0 binutils Compiler CVE-2023-22609 I6C2ET 3.87 0.0 mingw-binutils sig-compat-winapp CVE-2023-22607 I6C2EO 3.87 0.0 binutils Compiler CVE-2023-22606 I6C2EN 3.87 0.0 binutils Compiler CVE-2023-22603 I6C2EM 3.87 0.0 binutils Compiler CVE-2023-22604 I6C2EJ 3.87 0.0 binutils Compiler CVE-2023-0590 I6C30L 3.95 0.0 risc-v-kernel sig-RISC-V CVE-2023-25173 I6FP5B 4.12 7.8 containerd sig-CloudNative CVE-2023-0482 I6C3N1 4.24 0.0 resteasy sig-Java CVE-2022-38266 I6C3NB 4.39 6.5 leptonica Base-service CVE-2023-0430 I6C6UA 4.62 0.0 thunderbird sig-desktop-apps CVE-2023-24807 I6FXT1 4.87 7.5 nodejs sig-nodejs CVE-2023-0615 I6CIGU 5.75 5.5 risc-v-kernel sig-RISC-V CVE-2023-0045 I6CU98 7.28 0.0 kernel Kernel CVE-2022-48337 I6GNJ9 8.75 7.8 emacs Desktop CVE-2022-48338 I6GNJ6 8.75 7.3 emacs Desktop CVE-2022-48339 I6GNIQ 8.75 7.3 emacs Desktop CVE-2022-4384 I6DBAC 10.45 6.5 stream CVE-2022-37704 I6DKBH 11.0 0.0 amanda Application CVE-2023-25725 I6F4NL 11.09 7.5 haproxy System-tool CVE-2023-25586 I6DKU7 11.27 0.0 mingw-binutils sig-compat-winapp CVE-2023-25586 I6DKU4 11.27 0.0 binutils Compiler CVE-2022-4304 I6DKV8 11.29 0.0 edk2 Virt CVE-2022-4203 I6DKUZ 11.29 0.0 compat-openssl11 CVE-2023-25585 I6DKUW 11.29 0.0 mingw-binutils sig-compat-winapp CVE-2023-25587 I6DKUV 11.29 0.0 mingw-binutils sig-compat-winapp CVE-2022-4203 I6DKUU 11.29 0.0 edk2 Virt CVE-2023-25585 I6DKUP 11.29 0.0 binutils Compiler CVE-2023-25587 I6DKUO 11.29 0.0 binutils Compiler CVE-2022-4304 I6DKUI 11.29 0.0 compat-openssl11 CVE-2023-20938 I6DKVG 11.41 0.0 kernel Kernel CVE-2023-25584 I6DSPJ 11.87 0.0 binutils Compiler CVE-2023-25588 I6DSPH 11.87 0.0 mingw-binutils sig-compat-winapp CVE-2023-25584 I6DSPB 11.87 0.0 mingw-binutils sig-compat-winapp CVE-2023-25588 I6DSP8 11.87 0.0 binutils Compiler CVE-2023-21866 I6DZ7K 12.72 4.9 mysql Others CVE-2023-21874 I6DZ7A 12.72 2.7 mysql Others CVE-2023-21868 I6DZ76 12.72 6.5 mysql Others CVE-2023-21863 I6DZ6V 12.72 4.9 mysql Others CVE-2023-21869 I6DZ6M 12.72 5.5 mysql Others CVE-2023-21836 I6DZ9K 12.73 4.9 mysql Others CVE-2023-21871 I6DZ99 12.73 4.9 mysql Others CVE-2023-21865 I6DZ8X 12.73 4.9 mysql Others CVE-2023-21872 I6DZ8C 12.73 5.5 mysql Others CVE-2023-21867 I6DZ84 12.73 4.9 mysql Others CVE-2023-21873 I6DZ7Z 12.73 4.9 mysql Others CVE-2023-21864 I6DZ7V 12.73 4.9 mysql Others CVE-2023-21870 I6DZ7O 12.73 4.9 mysql Others CVE-2023-25166 I6E2G8 12.87 6.5 python-odo sig-python-modules CVE-2022-41862 I6E3MO 13.12 0.0 postgresql DB openEuler 社区指导文档及开放平台链接： openEuler 版本分支维护规范： https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%… openEuler release-management 版本分支PR指导： https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%… 社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/839f952696f271f83c018ccf3218cf493b92d65… 社区QA 测试平台 radiates https://radiatest.openeuler.org<https://radiatest.openeuler.org/> 沐钰莹（openEuler release SIG） Mobile: +86 15651995918 中国(China)-杭州(Hangzhou)-滨江区江淑路360号华为杭州研发中心 HUAWEI , Jiangshu Road., Binjiang District, Hangzhou, P.R.China E-mail: muyuying1(a)huawei.com<mailto:muyuying1@huawei.com> [cid:image004.png@01D94A2D.4ADECF00]Open Source OS for Digital Infrastructure 本邮件及其附件含有华为公司的保密信息，仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形式使用（包括但不限于全部或部分地泄露、复制、或散发）本邮件中的信息。如果您错收了本邮件，请您立即电话或邮件通知发件人并删除本邮件！ This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it

1 0

openEuler update_20230215版本发布公告
by muyuying 18 Feb '23

18 Feb '23

Dear all，经社区Release SIG、QA SIG及 CICD SIG 评估，openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3及openEuler-22.03-LTS update版本满足版本出口质量，现进行发布公示。本公示分为五部分： 1、openEuler-20.03-LTS-SP1 Update 20230215发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20230215发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20230215发布情况及待修复缺陷 4、openEuler 关键组件待修复CVE 清单 5、openEuler 社区指导文档及开放平台链接本次update版本发布后，下一个版本里程碑点（预计在2023/02/26）提供 update_ 20230222 版本。 openEuler-20.03-LTS-SP1 Update 20230215 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP1修复版本已知问题4个，已知漏洞16个。目前版本分支剩余待修复缺陷46个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6EJNU?from=project-i… CVE 仓库 score CVE-2022-25147 apr-util 9.8 CVE-2022-24963 apr 9.8 CVE-2022-48303 tar 7.8 CVE-2023-25193 harfbuzz 7.5 CVE-2023-23969 python-django 7.5 CVE-2023-0286 openssl 7.4 CVE-2022-4904 c-ares 6.9 CVE-2023-0215 openssl 5.9 CVE-2022-4450 openssl 5.9 CVE-2022-4304 openssl 5.9 CVE-2023-0615 kernel 5.5 CVE-2023-22799 rubygem-globalid 5.3 CVE-2020-10775 ovirt-engine 5.3 CVE-2022-3707 kernel 5.1 CVE-2023-23931 python-cryptography 4.8 CVE-2023-0045 kernel 1 CVE修复： Bugfix： issue 仓库 #I5CM8U:apache-commons-io包中的Ignore-some-test-because-bep.patch文件为空，但是spec文件中 apache-commons-io #I637N1:varnishd -?命令执行报错 varnish #I5GT2K:【20.03-SP1、20.03-SP3】【arm/x86】pcp-system-tools包下的pcp-mpstat命令执行报错 pcp #I6DZIB:【openEuler-1.0-LTS】block, bfq: switch 'bfqg->ref' to use atomic refcount apis kernel openEuler-20.03-LTS-SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol openEuler-20.03-LTS-SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示：任务标题关联仓库 SIG 【fuzz】runtime error: libsass Base-service [SP1][arm/x86]obs-server包下11个服务启动关闭，出现报错 obs-server Others [clamav] 执行clamscan --statistics pcre命令会出现error，但是最终返回码为0 clamav Others 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt Uncaught exception in get_tokens_unprocessed python-pygments Programming-language integer overflow in start_input_bmp libjpeg-turbo Desktop Unexpect-exit in start_input_tga libjpeg-turbo Desktop Timeout in tjDecompress2 libjpeg-turbo Desktop Undefine-shift in _bfd_safe_read_leb128 binutils Compiler Integer overflow in print_vms_time binutils Compiler memleak in parse_gnu_debugaltlink binutils Compiler Heap-buffer-overflow in slurp_hppa_unwind_table binutils Compiler Use-after-free in make_qualified_name binutils Compiler memleak in byte_get_little_endian binutils Compiler memleak in process_mips_specific binutils Compiler out-of-memory in vms_lib_read_index binutils Compiler Heap-buffer-overflow in bfd_getl16 binutils Compiler Floating point exception in _bfd_vms_slurp_etir binutils Compiler 【20.03 SP1】【arm/x86】安装好libdap后，getdap4命令的-i和-k参数使用异常 libdap sig-recycle 【20.03 SP1】【arm/x86】robotframework包的三个命令：libdoc、rebot、robot执行--help/-h/-?/--version，查看帮助信息和版本信息，返回值为251 python-robotframework sig-ROS stack-buffer-overflow in UINT32_Marshal libtpms sig-security-facility global-buffer-overflow in Array_Marshal libtpms sig-security-facility memleak in wrap_nettle_mpi_init gnutls sig-security-facility Timeout in _asn1_find_up gnutls sig-security-facility integer overflow in luaV_execute lua Base-service integer overflow in intarith lua Base-service Division by zero in luaV_execute lua Base-service Timeout in luaV_finishget lua Base-service 【SP1_update/arm】安装kernel-4.19.90-2108版本有错误提示信息 kernel Kernel 【openEuler-20.03-LTS-SP1】flink命令执行失败 flink sig-bigdata 【20.03-SP1】【x86/arm】epol源下的efl、efl-devel软件包安装报错，gpg检查失败 efl sig-compat-winapp 【20.03-SP1】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils 【20.03 SP1 update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt 【22.03 LTS-SP1】【arm】【fuzz】编译ICE:internal compiler error: in tree_to_uhwi, at tree.c:7395 pin-gcc-client #N/A 【arm】--enable-bootstrap构建gcc失败 gcc Compiler 【22.03 LTS-SP1】【arm】gcc12编译mysql 8.0.20报错 gcc-12 #N/A 【20.03-LTS-SP1-update-0111】【arm/x86】执行sosreport -a报错“TypeError: 'NoneType' object is not iterable” sos Base-service 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler 【20.03 sp1 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service 【arm】【deja】使用22.03 LTS-SP1发布源gcc 出现编译ICE:during GIMPLE pass: reassoc:internal compiler error: Segmentation fault gcc Compiler [22.03SP1lts][arm/x86] gala-gopher服务启动后，日志存在报错：ldapdb_canonuser_plug_init() failed in sasl_canonuser_add_plugin(): invalid paramer gala-gopher #N/A 【x86】【spec2017】-O3 -fipa-struct-reorg=5编译子项失败 gcc Compiler [22.03sp1lts][arm/x86] obsredis.service服务启动失败 obs-server Others yum安装pin-server-demo后安装pin-gcc-client显示libMLIRPlugin.so.12冲突 pin-gcc-client #N/A create_gcov在kernel6.1上执行报错 autofdo Compiler openEuler-20.03-LTS-SP3 Update 20230215 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP3修复版本已知问4个，已知漏洞17个。目前版本分支剩余待修复缺陷 13个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6EJNV?from=project-i… CVE修复：需求类型软件包优先级 CVE-2022-25147 apr-util 9.8 CVE-2022-24963 apr 9.8 CVE-2022-48303 tar 7.8 CVE-2023-25193 harfbuzz 7.5 CVE-2023-23969 python-django 7.5 CVE-2023-0286 openssl 7.4 CVE-2022-4904 c-ares 6.9 CVE-2022-4304 openssl 5.9 CVE-2022-4450 openssl 5.9 CVE-2023-0215 openssl 5.9 CVE-2023-0615 kernel 5.5 CVE-2022-41717 golang 5.3 CVE-2023-22799 rubygem-globalid 5.3 CVE-2020-10775 ovirt-engine 5.3 CVE-2022-3707 kernel 5.1 CVE-2023-23931 python-cryptography 4.8 CVE-2023-0045 kernel 1 Bugfix： issue 仓库 #I5CM8U:apache-commons-io包中的Ignore-some-test-because-bep.patch文件为空，但是spec文件中 apache-commons-io #I637OK:varnishd -? 命令执行报错 varnish #I5GT2K:【20.03-SP1、20.03-SP3】【arm/x86】pcp-system-tools包下的pcp-mpstat命令执行报错 pcp #I6DZIB:【openEuler-1.0-LTS】block, bfq: switch 'bfqg->ref' to use atomic refcount apis kernel openEuler-20.03-LTS-SP3版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol openEuler-20.03-LTS-SP3 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败 flink sig-bigdata I4UMEV [openEuler 20.03-LTS SP3]openEuler开启crash_kexec_post_notifiers后，panic通知链无法完全遍历 kernel Kernel I5IGAS 【20.03-SP3】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5IGOR 【20.03-SP3】【x86/arm】epol源下的fluidsynth、fluidsynth-devel、fluidsynth-help软件包安装报错，gpg检查失败 fluidsynth Application I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败，导致mom-vdsm.service服务无法启动成功 vdsm oVirt I5LYJK 【20.03-sp3_update20220801】【x86】对内核版进行升级后，TCP_option_address安装异常 TCP_option_address Kernel I5XDXJ openeuler：20.03-sp3下lua-lunit0.5和lua5.3不匹配 mugen sig-QA I613DI 【20.03 SP3】当前最新版本的kernel、 oec-hardware、 openEuler-release三个包同时安装，虚拟机启动失败 openEuler-release Base-service I61LEV 【20.03 LTS SP3】【arm/x86】安装oscilloscope，然后执行oscilloscope -h报错 tuna Others I66BBJ [20.03-LTS-SP3]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I6CBL7 【20.03 sp3 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CTKO 【openEuler sp3】【arm】ltp执行用例memcg_stress失败 kernel Kernel openEuler-22.03-LTS Update 20230215 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题3个，已知漏洞24个。目前版本分支剩余待修复缺陷13个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6EJNW?from=project-i… CVE修复： CVE 仓库 score CVE-2022-25147 apr-util 9.8 CVE-2022-48303 tar 7.8 CVE-2023-25193 harfbuzz 7.5 CVE-2022-3724 wireshark 7.5 CVE-2023-23969 python-django 7.5 CVE-2023-0286 openssl 7.4 CVE-2023-0590 kernel 7 CVE-2022-4904 c-ares 6.9 CVE-2022-4345 wireshark 6.5 CVE-2023-0411 wireshark 6.5 CVE-2023-0412 wireshark 6.5 CVE-2023-0413 wireshark 6.5 CVE-2023-0415 wireshark 6.5 CVE-2023-0416 wireshark 6.5 CVE-2023-0417 wireshark 6.5 CVE-2022-4304 openssl 5.9 CVE-2022-4450 openssl 5.9 CVE-2023-0215 openssl 5.9 CVE-2023-0394 kernel 5.5 CVE-2023-22799 rubygem-globalid 5.3 CVE-2020-10775 ovirt-engine 5.3 CVE-2022-3707 kernel 5.1 CVE-2023-23931 python-cryptography 4.8 CVE-2022-4344 wireshark 4.3 Bugfix： issue 仓库 #I5CM8U:apache-commons-io包中的Ignore-some-test-because-bep.patch文件为空，但是spec文件中 apache-commons-io #I6DAK8:glibc新增对外符号pthread_cond_clockwait@GLIBC_2.28 glibc #I5GSXG:【22.03-LTS、22.03-SP1】【arm/x86】pcp-system-tools包下的pcp-mpstat命令执行报错 pcp openEuler-22.03-LTS版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I5G9CY 升级iinstall-scripts包会导致系统启动异常 install-scripts sig-OS-Builder I5JIA6 【22.03 LTS update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I5JPII 【22.03_update20220727】【x86/arm】ovirt-engine源码包本地自编译失败，缺少编译依赖ovirt-jboss-modules-maven-plugin ovirt-engine oVirt I5Q4S3 [22.03-LTS]x86虚拟机卸载qxl模块，机器自动重启 openEuler/kernel #N/A I5QKGT 【22.03LTS_update0907】【arm/x86】kmod-drbd90软件包安装之后文件有缺失 kmod-drbd90 sig-Ha I64919 【22.03_LTS_update1130】【arm/x86】xorg-x11-server-Xwayland因缺少依赖导致无法安装 xorg-x11-server-xwayland Desktop I665SM resize2fs出现csum不一致 kernel Kernel I66BDE [22.03-LTS]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I66KIH 【22.03 LTS update 20221214】【arm/x86】openstack-ironic-inspector.service服务stop失败 openstack-ironic-inspector sig-openstack I6AG88 【22.03-LTS】【arm/x86】nvwa第一次卸载时有异常报错信息 nvwa sig-ops I6AGEG 【22.03-LTS-SP1】【arm/x86】nvwa第一次卸载时有异常报错信息 nvwa sig-ops I6CBPQ 【22.03 lts udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CN7B 【22.03 LTS update20230201】【arm/x86】cephadm卸载过程中有异常打印信息 ceph sig-ceph openEuler-22.03-LTS SP1 Update 20230215 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题5个，已知漏洞14个。目前版本分支剩余待修复缺陷26个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6EJNT?from=project-i… CVE修复： CVE 仓库 score CVE-2022-48303 tar 7.8 CVE-2023-23931 python-cryptography 4.8 CVE-2022-4304 openssl 5.9 CVE-2022-4450 openssl 5.9 CVE-2023-0215 openssl 5.9 CVE-2023-0286 openssl 7.4 CVE-2022-25147 apr-util 9.8 CVE-2023-25193 harfbuzz 7.5 CVE-2022-4904 c-ares 6.9 CVE-2023-22799 rubygem-globalid 5.3 CVE-2023-23969 python-django 7.5 CVE-2022-3707 kernel 5.1 CVE-2023-0394 kernel 5.5 CVE-2023-0590 kernel 7 Bugfix： issue 仓库 #I6DQPW:优化iproute版本号 iproute #I5D9O9:Upgrade to latest release [initscripts: 10.12 -> 10.17] initscripts #I6DAK8:glibc新增对外符号pthread_cond_clockwait@GLIBC_2.28 glibc #I5GSXG:【22.03-LTS、22.03-SP1】【arm/x86】pcp-system-tools包下的pcp-mpstat命令执行报错 pcp #I6FA2S:update_20230215-openEuler 22.03-LTS-SP1版本申请新增jieba jieba openEuler-22.03-LTS SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I6566R 【22.03_LTS_SP1_RC2】【x86/arm】k3s存在不安全的编译选项PIE k3s #N/A I65688 【22.03_LTS_SP1_RC2】【x86/arm】biometric-authentication存在不安全的编译选项STRIP、RPATH biometric-authentication sig-UKUI I657VS 【22.03_LTS_SP1_RC2】【x86/arm】dde-api存在不安全的编译选项PIE、STRIP dde-api sig-DDE I657VT 【22.03_LTS_SP1_RC2】【x86/arm】dde-daemon存在不安全的编译选项STRIP dde-daemon sig-DDE I657VX 【22.03_LTS_SP1_RC2】【x86/arm】deepin-dbus-generator存在不安全的编译选项PIE、STRIP deepin-dbus-generator sig-DDE I657W0 【22.03_LTS_SP1_RC2】【x86/arm】deepin-editor存在不安全的编译选项STRIP deepin-editor sig-DDE I657W3 【22.03_LTS_SP1_RC2】【x86/arm】deepin-graphics-driver-manager存在不安全的编译选项STRIP deepin-graphics-driver-manager sig-DDE I657W7 【22.03_LTS_SP1_RC2】【x86/arm】deepin-system-monitor存在不安全的编译选项STRIP deepin-system-monitor sig-DDE I657WZ 【22.03_LTS_SP1_RC2】【x86/arm】hikptool存在不安全的编译选项PIE、RPATH、STRIP hikptool #N/A I6583U 【22.03_LTS_SP1_RC2】【x86/arm】startdde存在不安全的编译选项PIE、STRIP startdde sig-DDE I67RNK 【22.03 LTS-SP1】【arm】【fuzz】编译ICE:internal compiler error: in tree_to_uhwi, at tree.c:7395 pin-gcc-client #N/A I683UO 【22.03 LTS-SP1】【arm】【codedb】编译ICE:internal compiler error:Aborted pin-gcc-client #N/A I6975Y 【arm】--enable-bootstrap构建gcc失败 gcc Compiler I69WOV 【22.03 LTS-SP1】【arm】gcc12编译mysql 8.0.20报错 gcc-12 #N/A I6AASB 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler I6AGEG 【22.03-LTS-SP1】【arm/x86】nvwa第一次卸载时有异常报错信息 nvwa sig-ops I6AZZU 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler I6CBPN 【22.03 lts sp1 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CKRQ 【22.03 SP1 update20230201】【arm/x86】ceph-selinux卸载过程中有异常打印信息 ceph sig-ceph I6CKZE 【arm】【deja】使用22.03 LTS-SP1发布源gcc 出现编译ICE:during GIMPLE pass: reassoc:internal compiler error: Segmentation fault gcc Compiler I6CN3V 【22.03 SP1 update20230201】【arm/x86】cephadm卸载过程中有异常打印信息 ceph sig-ceph I6CPVR [22.03SP1lts][arm/x86] gala-gopher服务启动后，日志存在报错：ldapdb_canonuser_plug_init() failed in sasl_canonuser_add_plugin(): invalid paramer gala-gopher #N/A I6DRDY 【x86】【spec2017】-O3 -fipa-struct-reorg=5编译子项失败 gcc Compiler I6DUTF [22.03sp1lts][arm/x86] obsredis.service服务启动失败 obs-server Others I6E8LE yum安装pin-server-demo后安装pin-gcc-client显示libMLIRPlugin.so.12冲突 pin-gcc-client #N/A I6EUHB create_gcov在kernel6.1上执行报错 autofdo Compiler 社区待修复漏洞： openEuler社区根据漏洞严重等级采取差异化的修复策略，请各个SIG 关注涉及CVE组件的修复情况。严重等级（Severity Rating）漏洞修复时长致命（Critical） 7天高（High） 14天中（Medium） 30天低（Low） 30天可参考社区安全委员会漏洞：https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE… 近14天将超期CVE: 漏洞编号 Issue ID 剩余天数 CVSS评分软件包责任SIG CVE-2023-0397 I6B4B3 0.6 6.5 zephyr CVE-2023-0396 I6B579 1.52 6.8 zephyr CVE-2023-0240 I6BTWC 2.91 7.8 kernel Kernel CVE-2023-0494 I6DHAD 3.2 7.8 xorg-x11-server Desktop CVE-2023-0286 I6DKU5 3.71 7.4 shim Base-service CVE-2021-37501 I6DM5L 3.96 7.5 hdf5 Runtime CVE-2023-0341 I6DPL7 4.17 7.8 editorconfig CVE-2022-46663 I6DQ53 4.19 7.5 nodejs-less sig-nodejs CVE-2023-22796 I6B6XB 5.31 0.0 rubygem-activesupport sig-ruby CVE-2023-22797 I6B6X9 5.31 0.0 rubygem-actionpack sig-ruby CVE-2022-47951 I6B751 5.56 5.7 openstack-cinder sig-openstack CVE-2023-0468 I6B7IH 6.32 4.7 risc-v-kernel sig-RISC-V CVE-2023-0469 I6B7VG 7.1 5.5 risc-v-kernel sig-RISC-V CVE-2023-25565 I6F4NQ 10.58 7.5 gssntlmssp dev-utils CVE-2023-25566 I6F4NO 10.58 7.5 gssntlmssp dev-utils CVE-2023-25567 I6F4NM 10.58 7.5 gssntlmssp dev-utils CVE-2022-40152 I6F9G7 11.15 7.5 jackson-dataformat-xml sig-Java CVE-2022-37705 I6BTSW 11.44 0.0 amanda Application CVE-2023-22332 I6BU4U 11.56 6.5 pgpool2 DB CVE-2023-0568 I6FMFH 12.25 7.5 php Base-service CVE-2023-22607 I6C2FD 12.31 0.0 mingw-binutils sig-compat-winapp CVE-2023-22606 I6C2F9 12.31 0.0 mingw-binutils sig-compat-winapp CVE-2023-22603 I6C2F5 12.31 0.0 mingw-binutils sig-compat-winapp CVE-2023-22604 I6C2F2 12.31 0.0 mingw-binutils sig-compat-winapp CVE-2023-22605 I6C2EY 12.31 0.0 binutils Compiler CVE-2023-22608 I6C2EW 12.31 0.0 binutils Compiler CVE-2023-22609 I6C2ET 12.31 0.0 mingw-binutils sig-compat-winapp CVE-2023-22607 I6C2EO 12.31 0.0 binutils Compiler CVE-2023-22606 I6C2EN 12.31 0.0 binutils Compiler CVE-2023-22603 I6C2EM 12.31 0.0 binutils Compiler CVE-2023-22604 I6C2EJ 12.31 0.0 binutils Compiler CVE-2023-22605 I6C2FM 12.32 0.0 mingw-binutils sig-compat-winapp CVE-2023-22608 I6C2FI 12.32 0.0 mingw-binutils sig-compat-winapp CVE-2023-22609 I6C2FH 12.32 0.0 binutils Compiler CVE-2023-0590 I6C30L 12.39 0.0 risc-v-kernel sig-RISC-V CVE-2023-0482 I6C3N1 12.69 0.0 resteasy sig-Java CVE-2022-38266 I6C3NB 12.83 6.5 leptonica Base-service CVE-2023-0597 I6C6UC 13.06 5.5 kernel Kernel CVE-2023-0430 I6C6UA 13.06 0.0 thunderbird sig-desktop-apps openEuler 社区指导文档及开放平台链接： openEuler 版本分支维护规范： https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%… openEuler release-management 版本分支PR指导： https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%… 社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/839f952696f271f83c018ccf3218cf493b92d65… 社区QA 测试平台 radiates https://radiatest.openeuler.org<https://radiatest.openeuler.org/> 沐钰莹（openEuler release SIG） Mobile: +86 15651995918 中国(China)-杭州(Hangzhou)-滨江区江淑路360号华为杭州研发中心 HUAWEI , Jiangshu Road., Binjiang District, Hangzhou, P.R.China E-mail: muyuying1(a)huawei.com<mailto:muyuying1@huawei.com> [cid:image004.png@01D9438B.2FBED150]Open Source OS for Digital Infrastructure 本邮件及其附件含有华为公司的保密信息，仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形式使用（包括但不限于全部或部分地泄露、复制、或散发）本邮件中的信息。如果您错收了本邮件，请您立即电话或邮件通知发件人并删除本邮件！ This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it

1 0

openEuler update_20230208版本发布公告
by muyuying 14 Feb '23

14 Feb '23

Dear all，经社区Release SIG、QA SIG及 CICD SIG 评估，openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3及openEuler-22.03-LTS update版本满足版本出口质量，现进行发布公示。本公示分为五部分： 1、openEuler-20.03-LTS-SP1 Update 20230201发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20230201发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20230201发布情况及待修复缺陷 4、openEuler 关键组件待修复CVE 清单 5、openEuler 社区指导文档及开放平台链接本次update版本发布后，下一个版本里程碑点（预计在2023/02/18）提供 update_20230217 版本。 openEuler-20.03-LTS-SP1 Update 20230208 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP1修复版本已知问题3个，已知漏洞12个。目前版本分支剩余待修复缺陷39个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6BKWV?from=project-i… CVE 仓库 score CVE-2023-22745 tpm2-tss 6.4 CVE-2023-0433 vim 7.8 CVE-2022-41717 golang 5.3 CVE-2022-4883 libXpm 8.1 CVE-2022-46285 libXpm 7.5 CVE-2022-44617 libXpm 7.5 CVE-2023-22497 netdata 9.1 CVE-2023-22496 netdata 9.8 CVE-2023-23455 kernel 5.5 CVE-2023-23454 kernel 5.5 CVE-2023-0394 kernel 5.5 CVE-2020-10775 ovirt-engine 5.3 CVE修复： Bugfix： issue 仓库 #I6CR2R:openEuler 20.03 SP3 上安装完spdk后，缺少setup.sh文件，无法切换到用户态。 spdk #I6CE9I:【openEuler 1.0-LTS】回合主线trace特性相关的bugfix补丁 kernel #I6DQPW:优化iproute版本号 iproute openEuler-20.03-LTS-SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol openEuler-20.03-LTS-SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I281C1 【fuzz】runtime error: libsass Base-service I437CR [SP1][arm/x86]obs-server包下11个服务启动关闭，出现报错 obs-server Others I43OSX [clamav] 执行clamscan --statistics pcre命令会出现error，但是最终返回码为0 clamav Others I48GIM 【20.03LTS SP1 update 210901】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I490MU Uncaught exception in get_tokens_unprocessed python-pygments Programming-language I4F8YQ integer overflow in start_input_bmp libjpeg-turbo Desktop I4F8ZI heap-buffer-overflow in get_word_rgb_row libjpeg-turbo Desktop I4F903 Unexpect-exit in start_input_tga libjpeg-turbo Desktop I4F913 Timeout in tjDecompress2 libjpeg-turbo Desktop I4G4A5 Undefine-shift in _bfd_safe_read_leb128 binutils Compiler I4G4B1 Integer overflow in print_vms_time binutils Compiler I4G4VY memleak in parse_gnu_debugaltlink binutils Compiler I4G4WF Heap-buffer-overflow in slurp_hppa_unwind_table binutils Compiler I4G4WW Use-after-free in make_qualified_name binutils Compiler I4G4X6 memleak in byte_get_little_endian binutils Compiler I4G4XF memleak in process_mips_specific binutils Compiler I4G4Y0 out-of-memory in vms_lib_read_index binutils Compiler I4G4YJ Heap-buffer-overflow in bfd_getl16 binutils Compiler I4G4YV Floating point exception in _bfd_vms_slurp_etir binutils Compiler I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后，getdap4命令的-i和-k参数使用异常 libdap sig-recycle I4JMG4 【20.03 SP1】【arm/x86】robotframework包的三个命令：libdoc、rebot、robot执行--help/-h/-?/--version，查看帮助信息和版本信息，返回值为251 python-robotframework sig-ROS I4K6ES stack-buffer-overflow in UINT32_Marshal libtpms sig-security-facility I4K6FU global-buffer-overflow in Array_Marshal libtpms sig-security-facility I4K6R7 memleak in wrap_nettle_mpi_init gnutls sig-security-facility I4K6UI Timeout in _asn1_find_up gnutls sig-security-facility I4KT2A integer overflow in luaV_execute lua Base-service I4KT3D integer overflow in intarith lua Base-service I4KT3Q Division by zero in luaV_execute lua Base-service I4KT40 Timeout in luaV_finishget lua Base-service I4O16Z 【SP1_update/arm】安装kernel-4.19.90-2108版本有错误提示信息 kernel Kernel I5IG1V 【20.03-SP1】【x86/arm】epol源下的efl、efl-devel软件包安装报错，gpg检查失败 efl sig-compat-winapp I5IG6K 【20.03-SP1】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5JHX2 【20.03 SP1 update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I6975Y 【arm】--enable-bootstrap构建gcc失败 gcc Compiler I6AA06 【20.03-LTS-SP1-update-0111】【arm/x86】执行sosreport -a报错“TypeError: 'NoneType' object is not iterable” sos Base-service I6AASB 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler I6AZZU 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler I6CBNA 【20.03 sp1 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CKZE 【arm】【deja】使用22.03 LTS-SP1发布源gcc 出现编译ICE:during GIMPLE pass: reassoc:internal compiler error: Segmentation fault gcc Compiler openEuler-20.03-LTS-SP3 Update 20230208 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP3修复版本已知问3个，已知漏洞12个。目前版本分支剩余待修复缺陷 16个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I64IWS?from=project-i… CVE修复：需求类型软件包优先级 CVE-2023-22745 tpm2-tss 6.4 CVE-2023-0433 vim 7.8 CVE-2022-47952 lxc 3.3 CVE-2022-4883 libXpm 8.1 CVE-2022-46285 libXpm 7.5 CVE-2022-44617 libXpm 7.5 CVE-2023-22497 netdata 9.1 CVE-2023-22496 netdata 9.8 CVE-2023-23455 kernel 5.5 CVE-2023-23454 kernel 5.5 CVE-2023-0394 kernel 5.5 CVE-2020-10775 ovirt-engine 5.3 Bugfix： issue 仓库 status 责任田 #I6CQI9:eggo部署k8s集群失败 eggo 已完成 EulerOS-容器 #I6CR2R:openEuler 20.03 SP3 上安装完spdk后，缺少setup.sh文件，无法切换到用户态。 spdk 已完成 EulerOS-存算 #I6CE9I:【openEuler 1.0-LTS】回合主线trace特性相关的bugfix补丁 kernel 待办的内核 openEuler-20.03-LTS-SP3版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol openEuler-20.03-LTS-SP3 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I4UMEV [openEuler 20.03-LTS SP3]openEuler开启crash_kexec_post_notifiers后，panic通知链无法完全遍历 kernel Kernel I5IGAS 【20.03-SP3】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5IGOR 【20.03-SP3】【x86/arm】epol源下的fluidsynth、fluidsynth-devel、fluidsynth-help软件包安装报错，gpg检查失败 fluidsynth Application I5KXUY 【20.03 LTS SP3 update 20220803】【arm/x86】ovirt-cockpit-sso.service服务启动失败 ovirt-cockpit-sso oVirt I5KY4S 【20.03 LTS SP3 update 20220803】【arm/x86】vdsmd.service服务启动失败，导致mom-vdsm.service服务无法启动成功 vdsm oVirt I5LYJK 【20.03-sp3_update20220801】【x86】对内核版进行升级后，TCP_option_address安装异常 TCP_option_address Kernel I5XDXJ openeuler：20.03-sp3下lua-lunit0.5和lua5.3不匹配 mugen sig-QA I613DI 【20.03 SP3】当前最新版本的kernel、 oec-hardware、 openEuler-release三个包同时安装，虚拟机启动失败 openEuler-release Base-service I61LEV 【20.03 LTS SP3】【arm/x86】安装oscilloscope，然后执行oscilloscope -h报错 tuna Others I66BBJ [20.03-LTS-SP3]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I66J22 【20.03-LTS-SP3】【arm/x86】openvswitch-ipsec软件包安装失败，提示冲突 openvswitch Networking I66J48 【20.03-LTS-SP3】【arm/x86】ovn-controller.service服务启动失败 openvswitch Networking I66J58 【20.03-LTS-SP3】【arm/x86】ovn-northd.service服务启动失败 openvswitch Networking I66J5V 【20.03-LTS-SP3】【arm/x86】ovn-controller-vtep.service服务启动失败 openvswitch Networking I6CBL7 【20.03 sp3 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CTKO 【openEuler sp3】【arm】ltp执行用例memcg_stress失败 kernel Kernel openEuler-22.03-LTS Update 20230208 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题4个，已知漏洞18个。目前版本分支剩余待修复缺陷10个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I64IWT?from=project-i… CVE修复： CVE 仓库 score CVE-2023-0433 vim 7.8 CVE-2023-22745 tpm2-tss 6.4 CVE-2022-47952 lxc 3.3 CVE-2022-41717 golang 5.3 CVE-2022-47016 tmux 7.8 CVE-2023-25136 openssh 5.5 CVE-2022-44617 libXpm 7.5 CVE-2022-46285 libXpm 7.5 CVE-2022-4883 libXpm 8.1 CVE-2022-3094 bind 7.5 CVE-2022-3736 bind 7.5 CVE-2022-3924 bind 7.5 CVE-2023-22496 netdata 9.8 CVE-2023-22497 netdata 9.1 CVE-2023-0179 kernel 7.8 CVE-2023-23454 kernel 5.5 CVE-2023-23455 kernel 5.5 CVE-2020-10775 ovirt-engine 5.3 Bugfix： issue 仓库 #I6CQI9:eggo部署k8s集群失败 eggo #I6CHOH:升级qemu6.2.0后在X86环境启动安全容器报错Expected '=' after parameter 'kernel_irqchip kata-containers #I6D0K1:例行分析grub2软件包补丁 grub2 #I5L4QX:[合规提升]建议统一spec文件的License名称规范 install-scripts openEuler-22.03-LTS版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I5JIA6 【22.03 LTS update 20220727】ovirt-engine在update 20220727版本安装失败 ovirt-engine oVirt I5JPII 【22.03_update20220727】【x86/arm】ovirt-engine源码包本地自编译失败，缺少编译依赖ovirt-jboss-modules-maven-plugin ovirt-engine oVirt I5Q4S3 [22.03-LTS]x86虚拟机卸载qxl模块，机器自动重启 kernel Kernel I665SM resize2fs出现csum不一致 kernel Kernel I66BDE [22.03-LTS]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I6CBPQ 【22.03 lts udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I66KIH 【22.03 LTS update 20221214】【arm/x86】openstack-ironic-inspector.service服务stop失败 openstack-ironic-inspector sig-openstack I6AG88 【22.03-LTS】【arm/x86】nvwa第一次卸载时有异常报错信息 nvwa sig-ops I6AGEG 【22.03-LTS-SP1】【arm/x86】nvwa第一次卸载时有异常报错信息 nvwa sig-ops I6CN7B 【22.03 LTS update20230201】【arm/x86】cephadm卸载过程中有异常打印信息 ceph sig-ceph openEuler-22.03-LTS SP1 Update 20230208 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题5个，已知漏洞17个。目前版本分支剩余待修复缺陷20个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I64IWT?from=project-i… CVE修复： CVE 仓库 score CVE-2023-0433 vim 7.8 CVE-2023-22745 tpm2-tss 6.4 CVE-2022-47952 lxc 3.3 CVE-2022-41717 golang 5.3 CVE-2022-47016 tmux 7.8 CVE-2022-44617 libXpm 7.5 CVE-2022-46285 libXpm 7.5 CVE-2022-4883 libXpm 8.1 CVE-2022-3094 bind 7.5 CVE-2022-3736 bind 7.5 CVE-2022-3924 bind 7.5 CVE-2023-22497 netdata 9.1 CVE-2023-22496 netdata 9.8 CVE-2023-0179 kernel 7.8 CVE-2023-23454 kernel 5.5 CVE-2023-23455 kernel 5.5 CVE-2023-25136 openssh 5.5 Bugfix： issue 仓库 #I6CQI9:eggo部署k8s集群失败 eggo #I6CHOH:升级qemu6.2.0后在X86环境启动安全容器报错Expected '=' after parameter 'kernel_irqchip kata-containers #I6D0K1:例行分析grub2软件包补丁 grub2 #I6DFQT:spec文件中缺少Patch0003，导致部分补丁未生效 install-scripts #I6D9QD:删除.a库文件 newt openEuler-22.03-LTS SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I65688 【22.03_LTS_SP1_RC2】【x86/arm】biometric-authentication存在不安全的编译选项STRIP、RPATH biometric-authentication sig-UKUI I657VE 【22.03_LTS_SP1_RC2】【x86/arm】blackbox_exporter存在不安全的编译选项PIE、STRIP blackbox_exporter sig-CloudNative I657VP 【22.03_LTS_SP1_RC2】【x86/arm】containernetworking-plugins存在不安全的编译选项PIE、STRIP containernetworking-plugins sig-CloudNative I657VS 【22.03_LTS_SP1_RC2】【x86/arm】dde-api存在不安全的编译选项PIE、STRIP dde-api sig-DDE I657VT 【22.03_LTS_SP1_RC2】【x86/arm】dde-daemon存在不安全的编译选项STRIP dde-daemon sig-DDE I657VX 【22.03_LTS_SP1_RC2】【x86/arm】deepin-dbus-generator存在不安全的编译选项PIE、STRIP deepin-dbus-generator sig-DDE I657W0 【22.03_LTS_SP1_RC2】【x86/arm】deepin-editor存在不安全的编译选项STRIP deepin-editor sig-DDE I657W3 【22.03_LTS_SP1_RC2】【x86/arm】deepin-graphics-driver-manager存在不安全的编译选项STRIP deepin-graphics-driver-manager sig-DDE I657W7 【22.03_LTS_SP1_RC2】【x86/arm】deepin-system-monitor存在不安全的编译选项STRIP deepin-system-monitor sig-DDE I657W8 【22.03_LTS_SP1_RC2】【x86/arm】delve存在不安全的编译选项PIE、STRIP delve dev-utils I65839 【22.03_LTS_SP1_RC2】【x86/arm】pushgateway存在不安全的编译选项PIE、STRIP pushgateway sig-CloudNative I6583U 【22.03_LTS_SP1_RC2】【x86/arm】startdde存在不安全的编译选项PIE、STRIP startdde sig-DDE I6975Y 【arm】--enable-bootstrap构建gcc失败 gcc Compiler I6AASB 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler I6AGEG 【22.03-LTS-SP1】【arm/x86】nvwa第一次卸载时有异常报错信息 nvwa sig-ops I6AZZU 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler I6CBPN 【22.03 lts sp1 udpate 0131 】netdata -W createdataset=10命令执行失败 netdata Base-service I6CKRQ 【22.03 SP1 update20230201】【arm/x86】ceph-selinux卸载过程中有异常打印信息 ceph sig-ceph I6CKZE 【arm】【deja】使用22.03 LTS-SP1发布源gcc 出现编译ICE:during GIMPLE pass: reassoc:internal compiler error: Segmentation fault gcc Compiler I6CN3V 【22.03 SP1 update20230201】【arm/x86】cephadm卸载过程中有异常打印信息 ceph sig-ceph 社区待修复漏洞： openEuler社区根据漏洞严重等级采取差异化的修复策略，请各个SIG 关注涉及CVE组件的修复情况。严重等级（Severity Rating）漏洞修复时长致命（Critical） 7天高（High） 14天中（Medium） 30天低（Low） 30天可参考社区安全委员会漏洞：https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE… 近14天将超期CVE: 漏洞编号 Issue ID 剩余天数 CVSS评分软件包责任SIG CVE-2023-22458 I6ATA3 1.42 5.5 redis6 sig-bigdata CVE-2022-35977 I6ATA2 1.42 5.5 redis6 sig-bigdata CVE-2023-22458 I6ATA1 1.42 5.5 redis5 sig-bigdata CVE-2022-35977 I6ATA0 1.42 5.5 redis5 sig-bigdata CVE-2022-23498 I6CK4L 1.87 8.8 grafana Application CVE-2022-47950 I6AY3Q 2.29 6.5 openstack-swift sig-openstack CVE-2023-22486 I6B8C9 2.51 7.5 cmark CVE-2022-47929 I6B0FD 2.79 5.5 risc-v-kernel sig-RISC-V CVE-2023-21843 I6B1HM 2.92 3.7 openjdk-11 Compiler CVE-2023-21830 I6B1HL 2.92 5.3 openjdk-11 Compiler CVE-2023-21835 I6B1HK 2.92 5.3 openjdk-17 Compiler CVE-2023-21835 I6B1HJ 2.92 5.3 openjdk-11 Compiler CVE-2023-21843 I6B1HI 2.92 3.7 openjdk-1.8.0 Compiler CVE-2023-21830 I6B1HG 2.92 5.3 openjdk-1.8.0 Compiler CVE-2023-21835 I6B1HE 2.92 5.3 openjdk-1.8.0 Compiler CVE-2023-21843 I6B1H9 2.92 3.7 openjdk-latest Compiler CVE-2023-21830 I6B1H8 2.92 5.3 openjdk-latest Compiler CVE-2023-21835 I6B1H7 2.92 5.3 openjdk-latest Compiler CVE-2023-0394 I6B1V3 3.42 5.5 risc-v-kernel sig-RISC-V CVE-2023-0397 I6B4B3 4.21 6.5 zephyr CVE-2022-4344 I6B4CF 4.52 4.3 wireshark Application CVE-2023-0396 I6B579 5.13 6.8 zephyr CVE-2022-4345 I6B59U 5.44 6.5 wireshark Application CVE-2023-25193 I6CZP6 5.54 7.5 harfbuzz Desktop CVE-2023-0240 I6BTWC 6.51 7.8 kernel Kernel CVE-2022-25147 I6EWIN 6.56 9.8 apr Base-service CVE-2023-0286 I6DKTF 7.31 7.4 openssl sig-security-facility CVE-2023-0341 I6DPL7 7.77 7.8 editorconfig CVE-2022-44566 I6B6XD 8.92 0.0 rubygem-activerecord sig-ruby CVE-2023-22796 I6B6XB 8.92 0.0 rubygem-activesupport sig-ruby CVE-2023-22794 I6B6XA 8.92 0.0 rubygem-activerecord sig-ruby CVE-2023-22797 I6B6X9 8.92 0.0 rubygem-actionpack sig-ruby CVE-2022-47951 I6B751 9.17 5.7 openstack-cinder sig-openstack CVE-2023-0468 I6B7IH 9.92 4.7 risc-v-kernel sig-RISC-V CVE-2023-0469 I6B7VG 10.71 5.5 risc-v-kernel sig-RISC-V CVE-2023-22799 I6B82I 10.92 0.0 rubygem-globalid sig-ruby CVE-2023-0416 I6B8C4 11.3 6.5 wireshark Application CVE-2023-0412 I6B8C2 11.3 6.5 wireshark Application CVE-2023-0411 I6B8C1 11.3 6.5 wireshark Application CVE-2023-0415 I6B8C0 11.3 6.5 wireshark Application CVE-2023-0417 I6B8BW 11.3 6.5 wireshark Application CVE-2023-0413 I6B8BS 11.3 6.5 wireshark Application openEuler 社区指导文档及开放平台链接： openEuler 版本分支维护规范： https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%… openEuler release-management 版本分支PR指导： https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%… 社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/839f952696f271f83c018ccf3218cf493b92d65… 社区QA 测试平台 radiates https://radiatest.openeuler.org<https://radiatest.openeuler.org/> 沐钰莹（openEuler release SIG） Mobile: +86 15651995918 中国(China)-杭州(Hangzhou)-滨江区江淑路360号华为杭州研发中心 HUAWEI , Jiangshu Road., Binjiang District, Hangzhou, P.R.China E-mail: muyuying1(a)huawei.com<mailto:muyuying1@huawei.com> [cid:image004.png@01D940B8.00571F10]Open Source OS for Digital Infrastructure 本邮件及其附件含有华为公司的保密信息，仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形式使用（包括但不限于全部或部分地泄露、复制、或散发）本邮件中的信息。如果您错收了本邮件，请您立即电话或邮件通知发件人并删除本邮件！ This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it

1 0

[Dev] openEuler update_20230201版本发布公告
by muyuying 06 Feb '23

06 Feb '23

Dear all，经社区Release SIG、QA SIG及 CICD SIG 评估，openEuler-20.03-LTS-SP1、openEuler-20.03-LTS-SP3及openEuler-22.03-LTS update版本满足版本出口质量，现进行发布公示。本公示分为五部分： 1、openEuler-20.03-LTS-SP1 Update 20230201发布情况及待修复缺陷 2、openEuler-20.03-LTS-SP3 Update 20230201发布情况及待修复缺陷 3、openEuler-22.03-LTS Update 20230201发布情况及待修复缺陷 4、openEuler 关键组件待修复CVE 清单 5、openEuler 社区指导文档及开放平台链接本次update版本发布后，下一个版本里程碑点（预计在2023/02/07）提供 update_20230203 版本。 openEuler-20.03-LTS-SP1 Update 20230201 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP1修复版本已知问题2个，已知漏洞17个。目前版本分支剩余待修复缺陷39个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP1 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I6BKWV?from=project-i… CVE 仓库 score CVE-2023-24056 pkgconf 9.8 CVE-2023-22809 sudo 7.8 CVE-2023-0288 vim 7.8 CVE-2022-47024 vim 7.8 CVE-2022-41953 git 7.8 CVE-2022-48281 libtiff 7.5 CVE-2022-38023 samba 8.1 CVE-2022-47021 opusfile 7.8 CVE-2022-42890 batik 7.5 CVE-2022-42252 tomcat 7.5 CVE-2022-41704 batik 7.5 CVE-2023-23455 kernel 5.5 CVE-2023-23454 kernel 7.8 CVE-2023-0047 kernel 5.1 CVE-2022-47929 kernel 5.5 CVE-2020-10775 ovirt-engine 5.3 CVE-2021-3930 qemu 6.5 CVE修复： Bugfix： issue 仓库 #I6AXHU:4.19回合主线bugfix补丁 kernel #I5UNVT:开源软件包libbpf补丁例行分析回合 libbpf openEuler-20.03-LTS-SP1版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP1:Epol openEuler-20.03-LTS-SP1 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP1/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP1/EPOL/update/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP1 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I281C1 【fuzz】runtime error: libsass Base-service I437CR [SP1][arm/x86]obs-server包下11个服务启动关闭，出现报错 obs-server Others I43OSX [clamav] 执行clamscan --statistics pcre命令会出现error，但是最终返回码为0 clamav Others I490MU Uncaught exception in get_tokens_unprocessed python-pygments Programming-language I4F8YQ integer overflow in start_input_bmp libjpeg-turbo Desktop I4F8ZI heap-buffer-overflow in get_word_rgb_row libjpeg-turbo Desktop I4F903 Unexpect-exit in start_input_tga libjpeg-turbo Desktop I4F913 Timeout in tjDecompress2 libjpeg-turbo Desktop I4G4A5 Undefine-shift in _bfd_safe_read_leb128 binutils Base-service I4G4B1 Integer overflow in print_vms_time binutils Base-service I4G4VY memleak in parse_gnu_debugaltlink binutils Base-service I4G4WF Heap-buffer-overflow in slurp_hppa_unwind_table binutils Base-service I4G4WW Use-after-free in make_qualified_name binutils Base-service I4G4X6 memleak in byte_get_little_endian binutils Base-service I4G4XF memleak in process_mips_specific binutils Base-service I4G4Y0 out-of-memory in vms_lib_read_index binutils Base-service I4G4YJ Heap-buffer-overflow in bfd_getl16 binutils Base-service I4G4YV Floating point exception in _bfd_vms_slurp_etir binutils Base-service I4J0OY 【20.03 SP1】【arm/x86】安装好libdap后，getdap4命令的-i和-k参数使用异常 libdap sig-recycle I4K6ES stack-buffer-overflow in UINT32_Marshal libtpms sig-security-facility I4K6FU global-buffer-overflow in Array_Marshal libtpms sig-security-facility I4K6R7 memleak in wrap_nettle_mpi_init gnutls sig-security-facility I4K6UI Timeout in _asn1_find_up gnutls sig-security-facility I4KT2A integer overflow in luaV_execute lua Base-service I4KT3D integer overflow in intarith lua Base-service I4KT3Q Division by zero in luaV_execute lua Base-service I4KT40 Timeout in luaV_finishget lua Base-service I4O16Z 【SP1_update/arm】安装kernel-4.19.90-2108版本有错误提示信息 kernel Kernel I4QV6N 【openEuler-20.03-LTS-SP1】flink命令执行失败 flink sig-ai-bigdata I5IG1V 【20.03-SP1】【x86/arm】epol源下的efl、efl-devel软件包安装报错，gpg检查失败 efl sig-compat-winapp I5IG6K 【20.03-SP1】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I6975Y 【arm】--enable-bootstrap构建gcc失败 gcc Compiler I6AA06 【20.03-LTS-SP1-update-0111】【arm/x86】执行sosreport -a报错“TypeError: 'NoneType' object is not iterable” sos Base-service I6AASB 【arm】【codedb】-O3 -fipa-struct-reorg=2编译AmberToolsICE: lto1: internal compiler error: rewrite failed for realloc gcc Compiler I6AZZU 【arm】【codedb】-O3 -fipa-struct-reorg=3运行bcftools应用Segmentation fault (core dumped) gcc Compiler openEuler-20.03-LTS-SP3 Update 20230201 经各SIG及社区开发者贡献，本周openEuler-20.03-LTS-SP3修复版本已知问2个，已知漏洞16个。目前版本分支剩余待修复缺陷 11个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-20.03-LTS-SP3 Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I64IWS?from=project-i… CVE修复：需求类型软件包优先级 CVE-2023-24056 pkgconf 9.8 CVE-2023-22809 sudo 7.8 CVE-2023-0288 vim 7.8 CVE-2022-47024 vim 7.8 CVE-2022-41953 git 7.8 CVE-2022-48281 libtiff 7.5 CVE-2022-38023 samba 8.1 CVE-2022-47021 opusfile 7.8 CVE-2022-42890 batik 7.5 CVE-2022-42252 tomcat 7.5 CVE-2022-41704 batik 7.5 CVE-2023-23455 kernel 5.5 CVE-2023-23454 kernel 7.8 CVE-2023-0047 kernel 5.1 CVE-2022-47929 kernel 5.5 CVE-2021-3930 qemu 6.5 Bugfix： issue 仓库 status 责任田 #I6AXHU:4.19回合主线bugfix补丁 kernel 已完成内核 #I5UNVT:开源软件包libbpf补丁例行分析回合 libbpf 已完成 EulerOS-网络 openEuler-20.03-LTS-SP3版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3 https://build.openeuler.org/project/show/openEuler:20.03:LTS:SP3:Epol openEuler-20.03-LTS-SP3 Update版本发布源链接： https://repo.openeuler.org/openEuler-20.03-LTS-SP3/update/ https://repo.openeuler.org/openEuler-20.03-LTS-SP3/EPOL/update/main/ openEuler CVE 及安全公告公示链接： https://www.openeuler.org/zh/security/cve/ https://www.openeuler.org/zh/security/safety-bulletin/ https://repo.openeuler.org/security/data/cvrf/ openEuler-20.03-LTS-SP3 Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I4QV7S 【openEuler-20.03-LTS-SP3】flink run 命令执行失败 flink sig-ai-bigdata I4UMEV [openEuler 20.03-LTS SP3]openEuler开启crash_kexec_post_notifiers后，panic通知链无法完全遍历 kernel Kernel I5IGAS 【20.03-SP3】【x86/arm】epol源下的opencryptoki、opencryptoki-devel软件包安装报错，gpg检查失败 opencryptoki dev-utils I5IGOR 【20.03-SP3】【x86/arm】epol源下的fluidsynth、fluidsynth-devel、fluidsynth-help软件包安装报错，gpg检查失败 fluidsynth Application I613DI 【20.03 SP3】当前最新版本的kernel、 oec-hardware、 openEuler-release三个包同时安装，虚拟机启动失败 openEuler-release Base-service I61LEV 【20.03 LTS SP3】【arm/x86】安装oscilloscope，然后执行oscilloscope -h报错 tuna Others I66BBJ [20.03-LTS-SP3]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service I66J22 【20.03-LTS-SP3】【arm/x86】openvswitch-ipsec软件包安装失败，提示冲突 openvswitch Networking I66J48 【20.03-LTS-SP3】【arm/x86】ovn-controller.service服务启动失败 openvswitch Networking I66J58 【20.03-LTS-SP3】【arm/x86】ovn-northd.service服务启动失败 openvswitch Networking I66J5V 【20.03-LTS-SP3】【arm/x86】ovn-controller-vtep.service服务启动失败 openvswitch Networking openEuler-22.03-LTS Update 20230201 经各SIG及社区开发者贡献，本周openEuler-22.03-LTS修复版本已知问题8个，已知漏洞21个。目前版本分支剩余待修复缺陷3个，缺陷/漏洞统计详见清单，缺陷/漏洞问题详见各软件包源码仓库 openEuler-22.03-LTS Update版本CVE修复及Bugfix list公示链接： https://gitee.com/openeuler/release-management/issues/I64IWT?from=project-i… CVE修复： CVE 仓库 score CVE-2022-47024 vim 7.8 CVE-2023-0288 vim 7.8 CVE-2023-22809 sudo 7.8 CVE-2023-24056 pkgconf 9.8 CVE-2022-41953 git 7.8 CVE-2022-38023 samba 8.1 CVE-2022-48281 libtiff 7.5 CVE-2022-42252 tomcat 7.5 CVE-2022-47021 opusfile 7.8 CVE-2022-41704 batik 7.5 CVE-2022-42890 batik 7.5 CVE-2021-36690 sqlite 7.5 CVE-2022-4696 kernel 7.8 CVE-2022-47929 kernel 5.5 CVE-2023-0179 kernel 1 CVE-2023-0210 kernel 5.9 CVE-2023-20928 kernel 7.5 CVE-2023-23454 kernel 7.8 CVE-2023-23455 kernel 5.5 CVE-2023-23559 kernel 7.8 CVE-2020-10775 ovirt-engine 5.3 Bugfix： issue 仓库 #I6CA2Y:update_20230201-修复glib2-static安装时找不到sysprof-capture-static安装依赖 sysprof #I6CA6S:update-20230201-add loongarch support for ceph ceph #I6AYYO:PR373 SPEC删除了补丁，但补丁文件没有被删除 systemd #I6C4QA:【X86/ARM】【SDV-All-libxml2-补丁分析】补丁数量：4 libxml2 #I6C2MC:使用gradle编译项目报Javac compiler message file broken: key=compiler.misc.msg.bug arguments openjdk-11 #I6BCMV:【openEuler:Mainline】obs编译失败 A-Tune #I6AW65:【backport】mm/vmpressure: fix data-race with memcg->socket_pressure kernel #I5UNVT:开源软件包libbpf补丁例行分析回合 libbpf openEuler-22.03-LTS版本编译构建信息查询链接： https://build.openeuler.org/project/show/openEuler:22.03:LTS https://build.openeuler.org/project/show/openEuler:22.03:LTS:Epol openEuler-22.03-LTS Update版本发布源链接： https://repo.openeuler.org/openEuler-22.03-LTS/update/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/main/ https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… https://repo.openeuler.org/openEuler-22.03-LTS/EPOL/update/multi_version/Op… openEuler-22.03-LTS Update版本待修复问题清单公示：任务ID 任务标题关联仓库 SIG I5Q4S3 [22.03-LTS]x86虚拟机卸载qxl模块，机器自动重启 kernel Kernel I665SM resize2fs出现csum不一致 kernel Kernel I66BDE [22.03-LTS]/etc/yum.repos.d/openEuler.repo源中默认没有update的source源 openEuler-repos Base-service 社区待修复漏洞： openEuler社区根据漏洞严重等级采取差异化的修复策略，请各个SIG 关注涉及CVE组件的修复情况。严重等级（Severity Rating）漏洞修复时长致命（Critical） 7天高（High） 14天中（Medium） 30天低（Low） 30天可参考社区安全委员会漏洞：https://gitee.com/openeuler/security-committee/wikis/%E7%A4%BE… 近14天将超期CVE: 漏洞编号 Issue ID 剩余天数 CVSS评分软件包责任SIG CVE-2023-23454 I6AQIL 3.56 7.8 kernel Kernel CVE-2022-0553 I6A0G8 7.77 4.6 zephyr CVE-2023-0210 I6A0GV 7.77 0.0 risc-v-kernel sig-RISC-V CVE-2022-47015 I6BCFO 8.73 7.5 mariadb DB CVE-2022-47016 I6BCFM 8.73 7.8 tmux Desktop CVE-2023-0433 I6BU72 11.35 7.8 vim Base-service CVE-2023-0047 I68UPT 1.14 0.0 risc-v-kernel sig-RISC-V CVE-2023-0047 I68UPT 1.14 0.0 risc-v-kernel sig-RISC-V CVE-2022-47952 I68C10 12.47 3.3 lxc iSulad CVE-2022-41717 I6ANT9 12.53 5.3 golang sig-golang CVE-2023-0179 I6AOP8 12.59 0.0 kernel Kernel CVE-2023-0266 I6AOWP 12.62 0.0 kernel Kernel CVE-2023-23455 I6AQG9 12.76 5.5 kernel Kernel CVE-2023-22458 I6ATA3 13.38 0.0 redis6 sig-bigdata CVE-2022-35977 I6ATA2 13.38 0.0 redis6 sig-bigdata CVE-2023-22458 I6ATA1 13.38 0.0 redis5 sig-bigdata CVE-2022-35977 I6ATA0 13.38 0.0 redis5 sig-bigdata CVE-2022-47630 I6AVW5 13.74 3.5 arm-trusted-firmware Base-service openEuler 社区指导文档及开放平台链接： openEuler 版本分支维护规范： https://gitee.com/openeuler/release-management/blob/master/openEuler%E7%89%… openEuler release-management 版本分支PR指导： https://gitee.com/openeuler/release-management/blob/master/openEuler%E5%BC%… 社区QA 版本测试提单规范 https://gitee.com/openeuler/QA/blob/839f952696f271f83c018ccf3218cf493b92d65… 社区QA 测试平台 radiates https://radiatest.openeuler.org<https://radiatest.openeuler.org/> 沐钰莹（openEuler release SIG） Mobile: +86 15651995918 中国(China)-杭州(Hangzhou)-滨江区江淑路360号华为杭州研发中心 HUAWEI , Jiangshu Road., Binjiang District, Hangzhou, P.R.China E-mail: muyuying1(a)huawei.com<mailto:muyuying1@huawei.com> [cid:image002.png@01D937F6.CC7F7D50]Open Source OS for Digital Infrastructure 本邮件及其附件含有华为公司的保密信息，仅限于发送给上面地址中列出的个人或群组。禁止任何其他人以任何形式使用（包括但不限于全部或部分地泄露、复制、或散发）本邮件中的信息。如果您错收了本邮件，请您立即电话或邮件通知发件人并删除本邮件！ This e-mail and its attachments contain confidential information from HUAWEI, which is intended only for the person or entity whose address is listed above. Any use of the information contained herein in any way (including, but not limited to, total or partial disclosure, reproduction, or dissemination) by persons other than the intended recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by phone or email immediately and delete it _______________________________________________ Dev mailing list -- dev(a)openeuler.org To unsubscribe send an email to dev-leave(a)openeuler.org

1 0

2024

2023

2022

2021

2020