Bug 1130588 - package requires obsolete pwdutils instead of shadow
package requires obsolete pwdutils instead of shadow
Status: RESOLVED FIXED
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Other
Leap 15.1
Other Other
: P5 - None : Normal (vote)
: ---
Assigned To: Michael Vetter
E-mail List
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2019-03-26 23:16 UTC by Giacomo Comes
Modified: 2022-03-29 09:50 UTC (History)
0 users

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Giacomo Comes 2019-03-26 23:16:59 UTC
There are packages that have in their spec file:
  Requires(pre) pwdutils
The package pwdutils was last available in 12.2 and was replaced in 12.3 by shadow.
Having Requires(pre) pwdutils in the spec file could sooner or later cause a bug similar to 1127610.

Here is the list of src.rpm present in Leap 15.1 and tumbleweed that are affected:
NetworkManager-openconnect amanda amavisd-new apt-cacher-ng atftp avahi avahi-glib2 avahi-mono avahi-qt4 boinc-client cntlm colord crawl cyrus-imapd ddclient dkimproxy fetchmail firebird fonehome gdm glibc gnome-robots hackrf icingaweb2 keepalived knot libperseus-sdr libxtrxll lightdm lighttpd lldpd lockdev mariadb minidlna motion mpd munge nagios nginx nrpe ntp ntpsec openssh otrs pcsc-lite pdns-common pdns-recursor pesign polkit postfixadmin postgresql pound prosody pulseaudio quagga quassel rabbitmq-server salt shibboleth-sp slurm sphinx subversion tftp tpm2-0-tss tpm2.0-abrmd trousers usbmuxd virtualbox zabbix

Affected packages only in Leap 15.1:
ptokax

Affected packages only in tumbleweed:
influxdb khunphan syncthing(syncthing-relaysrv)

I'm wondering if this is the proper way to submit such kind of 'cumulative' bug, or I should have opened a bug for every single package.
Comment 1 Michael Vetter 2019-04-08 12:18:19 UTC
Thanks for you report Giacomo.

> Having Requires(pre) pwdutils in the spec file could sooner or later cause a bug similar to 1127610.

There has also been https://bugzilla.suse.com/show_bug.cgi?id=1126757

> There are packages that have in their spec file:
  Requires(pre) pwdutils

Shadow has in its spec file:
Provides:       pwdutils = 3.2.20
Obsoletes:      pwdutils <= 3.2.19

So I think shadow should actually by taken by zypper?
But still it makes sense to have clean spec files and require shadow.

> I'm wondering if this is the proper way to submit such kind of 'cumulative' bug, or I should have opened a bug for every single package.

While it would be better for me if the changes would be done by the maintainers of each package since it's their package and not shadows problem, I guess I'll just do it :-)
Comment 2 Giacomo Comes 2019-04-08 21:50:26 UTC
(In reply to Michael Vetter from comment #1)

> Shadow has in its spec file:
> Provides:       pwdutils = 3.2.20
> Obsoletes:      pwdutils <= 3.2.19
> 
> So I think shadow should actually by taken by zypper?

That make sense. If zypper doesn't do it, may be it should be reported to the zypper maintainer?
Comment 3 Michael Vetter 2019-04-26 10:24:53 UTC
> If zypper doesn't do it, may be it should be reported to the zypper maintainer?

Actually in the case of unbound the problem was this:
Package 'unbound' had pwdutils in PreReq. But actually the subpackage 'anchor' was using binaries from shadow/pwdutils. So it was two problems. The resolution probably worked.

> Having Requires(pre) pwdutils in the spec file could sooner or later cause a bug similar to 1127610.

Actually there is nothing to be done here to fix anything (since shadow has the provides/obsoletes), it would just be cleaner if we update the spec files to use shadow in pwdutils. So for Factory packages it would be nice to change it, but I wouldn't bothre with already released products.
Comment 4 Michael Vetter 2019-04-26 11:47:07 UTC
Started:
zabbix - not in factory
SR#698136 virtualization/virtualbox
SR#698137 hardware/usbmuxd
security/trousers SR#698138
security/tpm2.0-abrmd SR#698139
security/tpm2-0-tss SR#698141
network/tftp SR#698142
devel:tools:scm:svn/subversion SR#698143
server:search/sphinx requires /usr/sbin/useradd
network:cluster/slurm has suse_version guard
Apache:Shibboleth/shibboleth-sp SR#698155
systemsmanagement:saltstack:testing/salt SR#698159
network:messaging:amqp/rabbitmq-server SR#698161
KDE:Extra/quassel SR#698162
network/quagga SR#698166
multimedia:libs/pulseaudio SR#698168
devel:languages:lua/prosody SR#698169
network/pound SR#698170
server:database:postgresql/postgresql has suse_version guard
server:php:applications/postfixadmin SR#698172
Base:System/polkit SR#698177
Base:System/pesign SR#698178
server:dns/pdns-recursor SR#698180
server:dns/pdns-common SR#698181
security:chipcard/pcsc-lite SR#698183

Created ticket for spec-cleaner: https://github.com/openSUSE/spec-cleaner/issues/247
Comment 5 Swamp Workflow Management 2019-04-26 11:50:06 UTC
This is an autogenerated message for OBS integration:
This bug (1130588) was mentioned in
https://build.opensuse.org/request/show/698144 Factory / trousers
https://build.opensuse.org/request/show/698147 Factory / tpm2.0-abrmd
https://build.opensuse.org/request/show/698149 Factory / tpm2-0-tss
https://build.opensuse.org/request/show/698169 Factory / prosody
https://build.opensuse.org/request/show/698182 Factory / postfixadmin
Comment 6 Swamp Workflow Management 2019-04-26 13:10:06 UTC
This is an autogenerated message for OBS integration:
This bug (1130588) was mentioned in
https://build.opensuse.org/request/show/698215 Factory / polkit
Comment 7 Swamp Workflow Management 2019-04-26 19:10:10 UTC
This is an autogenerated message for OBS integration:
This bug (1130588) was mentioned in
https://build.opensuse.org/request/show/698333 Factory / virtualbox
Comment 8 Swamp Workflow Management 2019-05-10 09:20:07 UTC
This is an autogenerated message for OBS integration:
This bug (1130588) was mentioned in
https://build.opensuse.org/request/show/701943 15.1 / pesign
Comment 10 Swamp Workflow Management 2019-05-31 13:30:42 UTC
SUSE-RU-2019:1393-1: An update that has two recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1130588,1134670
CVE References: 
Sources used:
SUSE Linux Enterprise Module for Development Tools 15 (src):    pesign-0.112-4.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 11 Swamp Workflow Management 2019-06-05 19:20:01 UTC
openSUSE-RU-2019:1517-1: An update that has two recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1130588,1134670
CVE References: 
Sources used:
openSUSE Leap 15.0 (src):    pesign-0.112-lp150.3.3.1
Comment 12 Swamp Workflow Management 2019-07-03 22:12:51 UTC
SUSE-RU-2019:1393-2: An update that has two recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1130588,1134670
CVE References: 
Sources used:
SUSE Linux Enterprise Module for Development Tools 15-SP1 (src):    pesign-0.112-4.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 13 Swamp Workflow Management 2019-07-20 17:40:24 UTC
This is an autogenerated message for OBS integration:
This bug (1130588) was mentioned in
https://build.opensuse.org/request/show/717246 15.0 / virtualbox
Comment 14 Swamp Workflow Management 2019-07-30 16:12:47 UTC
openSUSE-SU-2019:1814-1: An update that fixes 52 vulnerabilities is now available.

Category: security (important)
Bug References: 1097248,1098050,1112097,1113894,1115041,1116050,1130503,1130588,1132379,1132439,1132827,1133289,1133492,1141801
CVE References: CVE-2018-0734,CVE-2018-11763,CVE-2018-11784,CVE-2018-3288,CVE-2018-3289,CVE-2018-3290,CVE-2018-3291,CVE-2018-3292,CVE-2018-3293,CVE-2018-3294,CVE-2018-3295,CVE-2018-3296,CVE-2018-3297,CVE-2018-3298,CVE-2019-1543,CVE-2019-2446,CVE-2019-2448,CVE-2019-2450,CVE-2019-2451,CVE-2019-2508,CVE-2019-2509,CVE-2019-2511,CVE-2019-2525,CVE-2019-2527,CVE-2019-2554,CVE-2019-2555,CVE-2019-2556,CVE-2019-2574,CVE-2019-2656,CVE-2019-2657,CVE-2019-2678,CVE-2019-2679,CVE-2019-2680,CVE-2019-2690,CVE-2019-2696,CVE-2019-2703,CVE-2019-2721,CVE-2019-2722,CVE-2019-2723,CVE-2019-2848,CVE-2019-2850,CVE-2019-2859,CVE-2019-2863,CVE-2019-2864,CVE-2019-2865,CVE-2019-2866,CVE-2019-2867,CVE-2019-2873,CVE-2019-2874,CVE-2019-2875,CVE-2019-2876,CVE-2019-2877
Sources used:
openSUSE Leap 15.1 (src):    virtualbox-6.0.10-lp151.2.6.1
openSUSE Leap 15.0 (src):    virtualbox-6.0.10-lp150.4.36.1
Comment 15 Michael Vetter 2019-09-05 11:24:26 UTC
SR#698159 got declined but added via https://github.com/openSUSE/salt-packaging/commit/24e59963d380d183a48f6ddd4d66dbf6a8fa4210
Comment 16 Swamp Workflow Management 2019-09-06 12:50:12 UTC
This is an autogenerated message for OBS integration:
This bug (1130588) was mentioned in
https://build.opensuse.org/request/show/728977 Factory / salt
Comment 19 Swamp Workflow Management 2019-11-08 05:58:55 UTC
SUSE-RU-2019:2922-1: An update that has 13 recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1101780,1130588,1134860,1135567,1135732,1137642,1140912,1143301,1146192,1146382,1151650,1151947,1152366
CVE References: 
Sources used:
SUSE Linux Enterprise Module for Server Applications 15 (src):    salt-2019.2.0-5.52.1
SUSE Linux Enterprise Module for Basesystem 15 (src):    salt-2019.2.0-5.52.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 20 Swamp Workflow Management 2019-11-08 06:01:19 UTC
SUSE-RU-2019:2924-1: An update that has 13 recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1101780,1130588,1134860,1135567,1135732,1137642,1140912,1143301,1146192,1146382,1151650,1151947,1152366
CVE References: 
Sources used:
SUSE Linux Enterprise Module for Server Applications 15-SP1 (src):    salt-2019.2.0-6.14.1
SUSE Linux Enterprise Module for Python2 15-SP1 (src):    salt-2019.2.0-6.14.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    salt-2019.2.0-6.14.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 21 Swamp Workflow Management 2019-11-08 06:30:12 UTC
SUSE-RU-2019:14211-1: An update that has 13 recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1101780,1130588,1134860,1135567,1135732,1137642,1140912,1143301,1146192,1146382,1151650,1151947,1152366
CVE References: 
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 22 Swamp Workflow Management 2019-11-08 06:32:27 UTC
SUSE-RU-2019:2923-1: An update that has 13 recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1101780,1130588,1134860,1135567,1135732,1137642,1140912,1143301,1146192,1146382,1151650,1151947,1152366
CVE References: 
Sources used:
SUSE Manager Tools 12 (src):    salt-2019.2.0-46.76.1
SUSE Manager Server 3.2 (src):    salt-2019.2.0-46.76.1
SUSE Manager Proxy 3.2 (src):    salt-2019.2.0-46.76.1
SUSE Linux Enterprise Point of Sale 12-SP2 (src):    salt-2019.2.0-46.76.1
SUSE Linux Enterprise Module for Advanced Systems Management 12 (src):    salt-2019.2.0-46.76.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 23 Swamp Workflow Management 2019-11-08 06:37:03 UTC
SUSE-RU-2019:14209-1: An update that has 13 recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1101780,1130588,1134860,1135567,1135732,1137642,1140912,1143301,1146192,1146382,1151650,1151947,1152366
CVE References: 
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 24 Swamp Workflow Management 2019-11-13 01:31:55 UTC
openSUSE-RU-2019:2497-1: An update that has 13 recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1101780,1130588,1134860,1135567,1135732,1137642,1140912,1143301,1146192,1146382,1151650,1151947,1152366
CVE References: 
Sources used:
openSUSE Leap 15.0 (src):    salt-2019.2.0-lp150.3.39.1
Comment 25 Swamp Workflow Management 2019-11-26 11:30:16 UTC
This is an autogenerated message for OBS integration:
This bug (1130588) was mentioned in
https://build.opensuse.org/request/show/751001 15.1 / salt
Comment 26 Swamp Workflow Management 2019-11-26 14:30:17 UTC
This is an autogenerated message for OBS integration:
This bug (1130588) was mentioned in
https://build.opensuse.org/request/show/751047 15.1 / salt
Comment 27 Swamp Workflow Management 2019-11-30 20:11:28 UTC
openSUSE-RU-2019:2586-1: An update that has 16 recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1101780,1130588,1134860,1135567,1135732,1137642,1137989,1140912,1142306,1142762,1143301,1146192,1146382,1151650,1151947,1152366
CVE References: 
Sources used:
openSUSE Leap 15.1 (src):    drbd-formula-0.3.7-lp151.2.1, habootstrap-formula-0.2.9-lp151.10.1, python-shaptools-0.3.3-lp151.8.1, salt-2019.2.0-lp151.5.6.1, salt-shaptools-0.2.3-lp151.5.1, saphanabootstrap-formula-0.3.2-lp151.10.1
openSUSE Leap 15.0 (src):    drbd-formula-0.3.7-lp150.2.1, habootstrap-formula-0.2.9-lp150.9.1, python-shaptools-0.3.3-lp150.8.1, salt-shaptools-0.2.3-lp150.5.1, saphanabootstrap-formula-0.3.2-lp150.9.1
Comment 28 Swamp Workflow Management 2019-11-30 20:15:59 UTC
openSUSE-RU-2019:2586-1: An update that has 16 recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1101780,1130588,1134860,1135567,1135732,1137642,1137989,1140912,1142306,1142762,1143301,1146192,1146382,1151650,1151947,1152366
CVE References: 
Sources used:
openSUSE Leap 15.1 (src):    drbd-formula-0.3.7-lp151.2.1, habootstrap-formula-0.2.9-lp151.10.1, python-shaptools-0.3.3-lp151.8.1, salt-2019.2.0-lp151.5.6.1, salt-shaptools-0.2.3-lp151.5.1, saphanabootstrap-formula-0.3.2-lp151.10.1
openSUSE Leap 15.0 (src):    drbd-formula-0.3.7-lp150.2.1, habootstrap-formula-0.2.9-lp150.9.1, python-shaptools-0.3.3-lp150.8.1, salt-shaptools-0.2.3-lp150.5.1, saphanabootstrap-formula-0.3.2-lp150.9.1
SUSE Package Hub for SUSE Linux Enterprise 12 (src):    drbd-formula-0.3.7-2.1, habootstrap-formula-0.2.9-9.1, python-shaptools-0.3.3-8.1, salt-shaptools-0.2.3-5.1, saphanabootstrap-formula-0.3.2-9.1
Comment 30 Swamp Workflow Management 2019-12-05 23:11:11 UTC
openSUSE-RU-2019:2646-1: An update that has 16 recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1101780,1130588,1134860,1135567,1135732,1137642,1137989,1140912,1142306,1142762,1143301,1146192,1146382,1151650,1151947,1152366
CVE References: 
Sources used:
openSUSE Backports SLE-15-SP1 (src):    habootstrap-formula-0.2.9-bp151.8.1, python-shaptools-0.3.3-bp151.8.1, saphanabootstrap-formula-0.3.2-bp151.8.1
openSUSE Backports SLE-15 (src):    habootstrap-formula-0.2.9-bp150.8.1, python-shaptools-0.3.3-bp150.8.1, saphanabootstrap-formula-0.3.2-bp150.8.1
Comment 34 Swamp Workflow Management 2020-06-23 16:35:42 UTC
SUSE-SU-2020:14402-1: An update that solves 11 vulnerabilities and has 245 fixes is now available.

Category: security (moderate)
Bug References: 1002529,1003449,1004047,1004260,1004723,1008933,1011304,1011800,1012398,1012999,1013876,1013938,1015882,1017078,1019386,1020831,1022562,1022841,1023535,1024406,1025896,1027044,1027240,1027426,1027722,1030009,1030073,1032213,1032452,1032931,1035914,1036125,1038855,1039370,1040886,1041993,1042749,1043111,1044719,1050003,1051948,1052264,1053376,1053955,1057635,1059291,1059758,1060230,1061407,1062462,1062464,1063419,1064520,1065792,1068446,1068566,1070372,1071322,1072599,1075950,1076578,1079048,1080290,1081151,1081592,1083294,1085667,1087055,1087278,1087581,1087891,1088070,1088888,1089112,1089362,1089526,1091371,1092161,1092373,1094055,1094190,1095507,1095651,1095942,1096514,1097174,1097413,1098394,1099323,1099460,1099887,1099945,1100142,1100225,1100697,1101780,1101812,1101880,1102013,1102218,1102265,1102819,1103090,1103530,1103696,1104034,1104154,1104491,1106164,1107333,1108557,1108834,1108969,1108995,1109023,1109893,1110938,1111542,1112874,1113698,1113699,1113784,1114029,1114197,1114474,1114824,1116343,1116837,1117995,1121091,1121439,1122663,1122680,1123044,1123512,1123865,1124277,1125015,1125610,1125744,1127389,1128061,1128554,1129079,1129243,1130077,1130588,1130784,1131114,1132076,1133523,1133647,1134860,1135360,1135507,1135567,1135732,1135881,1137642,1138454,1139761,1140193,1140912,1143301,1146192,1146382,1148311,1148714,1150447,1151650,1151947,1152366,1153090,1153277,1153611,1154620,1154940,1155372,1157465,1157479,1158441,1159284,1162327,1162504,1163871,1163981,1165425,1165572,1167437,1167556,1168340,1169604,1169800,1170104,1170288,1170595,1171687,1171906,1172075,1173072,769106,769108,776615,849184,849204,849205,879904,887879,889605,892707,902494,908849,926318,932288,945380,948245,955373,958350,959572,963322,965403,967803,969320,970669,971372,972311,972490,975093,975303,975306,975733,975757,976148,977264,978150,978833,979448,979676,980313,983017,983512,985112,985661,986019,987798,988506,989193,989798,990029,990439,990440,991048,993039,993549,996455,999852
CVE References: CVE-2016-1866,CVE-2016-9639,CVE-2017-12791,CVE-2017-14695,CVE-2017-14696,CVE-2018-15750,CVE-2018-15751,CVE-2019-17361,CVE-2019-18897,CVE-2020-11651,CVE-2020-11652
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 36 Swamp Workflow Management 2020-07-21 04:33:42 UTC
SUSE-SU-2020:14431-1: An update that solves 11 vulnerabilities and has 251 fixes is now available.

Category: security (moderate)
Bug References: 1002529,1003449,1004047,1004260,1004723,1008933,1011304,1011800,1012398,1012999,1013876,1013938,1015882,1017078,1019386,1020831,1022562,1022841,1023535,1024406,1025896,1027044,1027240,1027426,1027722,1030009,1030073,1032213,1032452,1032931,1035914,1036125,1038855,1039370,1040886,1041993,1042749,1043111,1044719,1050003,1051948,1052264,1053376,1053955,1057635,1059291,1059758,1060230,1061407,1062462,1062464,1063419,1064520,1065792,1068446,1068566,1070372,1071322,1072599,1075950,1076578,1079048,1080290,1081151,1081592,1083294,1085667,1087055,1087278,1087581,1087891,1088070,1088888,1089112,1089362,1089526,1091371,1092161,1092373,1094055,1094190,1095507,1095651,1095942,1096514,1097174,1097413,1098394,1099323,1099460,1099887,1099945,1100142,1100225,1100697,1101780,1101812,1101880,1102013,1102218,1102265,1102819,1103090,1103530,1103696,1104034,1104154,1104491,1106164,1107333,1108557,1108834,1108969,1108995,1109023,1109893,1110938,1111542,1112874,1113698,1113699,1113784,1114029,1114197,1114474,1114824,1116343,1116837,1117995,1121091,1121439,1122663,1122680,1123044,1123512,1123865,1124277,1125015,1125610,1125744,1127389,1128061,1128554,1129079,1129243,1130077,1130588,1130784,1131114,1132076,1133523,1133647,1134860,1135360,1135507,1135567,1135656,1135732,1135881,1137642,1138454,1138952,1139761,1140193,1140912,1143301,1146192,1146382,1148311,1148714,1150447,1151650,1151947,1152366,1153090,1153277,1153611,1154620,1154940,1155372,1157465,1157479,1158441,1158940,1159118,1159284,1160931,1162327,1162504,1163871,1165425,1165572,1167437,1167556,1168340,1169604,1169800,1170042,1170104,1170288,1170595,1171687,1171906,1172075,1173072,1174165,769106,769108,776615,849184,849204,849205,879904,887879,889605,892707,902494,908849,926318,932288,945380,948245,955373,958350,959572,963322,965403,967803,969320,970669,971372,972311,972490,975093,975303,975306,975733,975757,976148,977264,978150,978833,979448,979676,980313,983017,983512,985112,985661,986019,987798,988506,989193,989798,990029,990439,990440,991048,993039,993549,996455,999852
CVE References: CVE-2016-1866,CVE-2016-9639,CVE-2017-12791,CVE-2017-14695,CVE-2017-14696,CVE-2018-15750,CVE-2018-15751,CVE-2019-17361,CVE-2019-18897,CVE-2020-11651,CVE-2020-11652
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 39 OBSbugzilla Bot 2021-01-11 19:00:07 UTC
This is an autogenerated message for OBS integration:
This bug (1130588) was mentioned in
https://build.opensuse.org/request/show/862422 Backports:SLE-15-SP3 / postfixadmin
Comment 44 Swamp Workflow Management 2021-02-08 14:52:41 UTC
SUSE-SU-2021:0315-1: An update that solves 14 vulnerabilities and has 218 fixes is now available.

Category: security (moderate)
Bug References: 1002529,1004047,1004260,1004723,1008933,1011304,1011800,1012398,1012999,1017078,1019386,1020831,1022562,1022841,1023535,1025896,1027044,1027240,1027722,1030009,1030073,1032213,1032452,1032931,1035914,1036125,1038855,1039370,1040886,1041993,1042749,1043111,1050003,1051948,1052264,1053376,1053955,1057635,1059291,1059758,1060230,1061407,1062462,1062464,1063419,1064520,1065792,1068446,1068566,1071322,1072599,1075950,1079048,1081592,1083110,1087055,1087278,1087581,1087891,1088888,1089112,1089362,1089526,1091371,1092161,1092373,1094055,1095507,1095651,1095942,1096514,1097174,1097413,1098394,1099323,1099460,1099887,1099945,1100142,1100225,1100697,1101780,1101812,1101880,1102013,1102218,1102248,1102265,1102819,1103530,1104154,1104491,1106164,1107333,1108557,1108834,1108969,1108995,1109893,1110938,1112874,1113698,1113699,1113784,1114029,1114197,1114474,1114824,1116343,1116837,1117995,1121091,1121439,1122663,1122680,1123044,1123512,1123865,1124277,1125015,1128061,1128554,1129079,1130588,1130784,1131114,1132076,1133523,1133647,1134860,1135360,1135507,1135567,1135656,1135732,1137642,1138952,1139761,1140193,1140912,1143301,1146192,1146382,1148714,1150447,1151650,1151947,1152366,1153611,1154620,1157465,1157479,1158441,1158940,1159118,1159284,1159670,1160931,1162327,1162504,1165425,1165572,1167437,1167556,1168340,1169604,1169800,1170042,1170104,1170288,1170595,1171461,1171906,1172075,1172211,1173072,1173909,1173911,1173936,1174165,1175549,1175987,1176024,1176294,1176397,1176480,1177867,1178319,1178361,1178362,1178485,849184,849204,849205,955373,958350,959572,963322,965403,967803,969320,970669,971372,972311,972490,975093,975303,975306,975733,975757,976148,978150,978833,979448,979676,980313,983017,983512,985112,985661,986019,988506,989193,989798,990029,990439,990440,991048,993039,993549,996455,999852
CVE References: CVE-2016-1866,CVE-2016-9639,CVE-2017-12791,CVE-2017-14695,CVE-2017-14696,CVE-2018-15750,CVE-2018-15751,CVE-2019-17361,CVE-2019-18897,CVE-2020-11651,CVE-2020-11652,CVE-2020-16846,CVE-2020-17490,CVE-2020-25592
JIRA References: 
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 45 Swamp Workflow Management 2021-02-08 15:27:47 UTC
SUSE-SU-2021:0316-1: An update that solves 14 vulnerabilities and has 218 fixes is now available.

Category: security (moderate)
Bug References: 1002529,1004047,1004260,1004723,1008933,1011304,1011800,1012398,1012999,1017078,1019386,1020831,1022562,1022841,1023535,1025896,1027044,1027240,1027722,1030009,1030073,1032213,1032452,1032931,1035914,1036125,1038855,1039370,1040886,1041993,1042749,1043111,1050003,1051948,1052264,1053376,1053955,1057635,1059291,1059758,1060230,1061407,1062462,1062464,1063419,1064520,1065792,1068446,1068566,1071322,1072599,1075950,1079048,1081592,1083110,1087055,1087278,1087581,1087891,1088888,1089112,1089362,1089526,1091371,1092161,1092373,1094055,1095507,1095651,1095942,1096514,1097174,1097413,1098394,1099323,1099460,1099887,1099945,1100142,1100225,1100697,1101780,1101812,1101880,1102013,1102218,1102248,1102265,1102819,1103530,1104154,1104491,1106164,1107333,1108557,1108834,1108969,1108995,1109893,1110938,1112874,1113698,1113699,1113784,1114029,1114197,1114474,1114824,1116343,1116837,1117995,1121091,1121439,1122663,1122680,1123044,1123512,1123865,1124277,1125015,1128061,1128554,1129079,1130588,1130784,1131114,1132076,1133523,1133647,1134860,1135360,1135507,1135567,1135656,1135732,1137642,1138952,1139761,1140193,1140912,1143301,1146192,1146382,1148714,1150447,1151650,1151947,1152366,1153611,1154620,1157465,1157479,1158441,1158940,1159118,1159284,1159670,1160931,1162327,1162504,1165425,1165572,1167437,1167556,1168340,1169604,1169800,1170042,1170104,1170288,1170595,1171461,1171906,1172075,1172211,1173072,1173909,1173911,1173936,1174165,1175549,1175987,1176024,1176294,1176397,1176480,1177867,1178319,1178361,1178362,1178485,849184,849204,849205,955373,958350,959572,963322,965403,967803,969320,970669,971372,972311,972490,975093,975303,975306,975733,975757,976148,978150,978833,979448,979676,980313,983017,983512,985112,985661,986019,988506,989193,989798,990029,990439,990440,991048,993039,993549,996455,999852
CVE References: CVE-2016-1866,CVE-2016-9639,CVE-2017-12791,CVE-2017-14695,CVE-2017-14696,CVE-2018-15750,CVE-2018-15751,CVE-2019-17361,CVE-2019-18897,CVE-2020-11651,CVE-2020-11652,CVE-2020-16846,CVE-2020-17490,CVE-2020-25592
JIRA References: 
Sources used:

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 59 OBSbugzilla Bot 2022-03-29 09:50:22 UTC
This is an autogenerated message for OBS integration:
This bug (1130588) was mentioned in
https://build.opensuse.org/request/show/965588 Backports:SLE-12-SP4 / pdns-recursor