This update provides security fixes and hardenings for Boothole 3 / Boothole 2022 (bsc#1198581)
- CVE-2021-3695: Fixed that a crafted PNG grayscale image could lead to out-of-bounds write in heap (bsc#1191184) - CVE-2021-3696: Fixed that a crafted PNG image could lead to out-of-bound write during huffman table handling (bsc#1191185) - CVE-2021-3697: Fixed that a crafted JPEG image could lead to buffer underflow write in the heap (bsc#1191186) - CVE-2022-28733: Fixed fragmentation math in net/ip (bsc#1198460) - CVE-2022-28734: Fixed an out-of-bound write for split http headers (bsc#1198493) - CVE-2022-28735: Fixed some verifier framework changes (bsc#1198495) - CVE-2022-28736: Fixed a use-after-free in chainloader command (bsc#1198496) - Update SBAT security contact (bsc#1193282) - Bump grub's SBAT generation to 2
- Use boot disks in OpenFirmware, fixing regression caused when the root LV is completely in the boot LUN (bsc#1197948)
openSUSE 13.1 openSUSE Leap 15.4 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 15 SP1 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Toolchain 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Module for Web Scripting 15 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Storage 6 SUSE Manager Proxy 4.0 SUSE Manager Server 4.0