SUSE-SU-2022:3709-1

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:3709-1.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2022:3709-1

Related

Published

2022-10-24T14:23:06Z

Modified

2022-10-24T14:23:06Z

Summary

Security update for multipath-tools

Details

This update for multipath-tools fixes the following issues:

CVE-2022-41973: Fixed a symlink attack in multipathd. (bsc#1202739)
CVE-2022-41974: Fixed an authorization bypass issue in multipathd. (bsc#1202739)
Avoid linking to libreadline to avoid licensing issue (bsc#1202616)
multipathd: add 'forcereconfigure' option (bsc#1189551) The command 'multipathd -kreconfigure' changes behavior: instead of reloading every map, it checks map configuration and reloads only modified maps. This speeds up the reconfigure operation substantially. The old behavior can be reinstated by setting 'forcereconfigure yes' in multipath.conf (not recommended). Note: 'force_reconfigure yes' is not supported in SLE15-SP4 and beyond, which provide the command 'multipathd -k'reconfigure all''
multipathd: avoid stalled clients during reconfigure (bsc#1189551)
multipathd: handle client disconnect correctly (bsc#1189551)

References

Affected packages

SUSE:Linux Enterprise High Performance Computing 15 SP2-ESPOS / multipath-tools

Package

Name: multipath-tools
Purl: purl:rpm/suse/multipath-tools&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.8.2+182.6d41865-150200.4.14.1

Ecosystem specific

{
    "binaries": [
        {
            "libdmmp0_2_0": "0.8.2+182.6d41865-150200.4.14.1",
            "multipath-tools-devel": "0.8.2+182.6d41865-150200.4.14.1",
            "libdmmp-devel": "0.8.2+182.6d41865-150200.4.14.1",
            "multipath-tools": "0.8.2+182.6d41865-150200.4.14.1",
            "kpartx": "0.8.2+182.6d41865-150200.4.14.1"
        }
    ]
}

SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSS / multipath-tools

Package

Name: multipath-tools
Purl: purl:rpm/suse/multipath-tools&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.8.2+182.6d41865-150200.4.14.1

Ecosystem specific

{
    "binaries": [
        {
            "libdmmp0_2_0": "0.8.2+182.6d41865-150200.4.14.1",
            "multipath-tools-devel": "0.8.2+182.6d41865-150200.4.14.1",
            "libdmmp-devel": "0.8.2+182.6d41865-150200.4.14.1",
            "multipath-tools": "0.8.2+182.6d41865-150200.4.14.1",
            "kpartx": "0.8.2+182.6d41865-150200.4.14.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP2-BCL / multipath-tools

Package

Name: multipath-tools
Purl: purl:rpm/suse/multipath-tools&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCL

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.8.2+182.6d41865-150200.4.14.1

Ecosystem specific

{
    "binaries": [
        {
            "libdmmp0_2_0": "0.8.2+182.6d41865-150200.4.14.1",
            "multipath-tools-devel": "0.8.2+182.6d41865-150200.4.14.1",
            "libdmmp-devel": "0.8.2+182.6d41865-150200.4.14.1",
            "multipath-tools": "0.8.2+182.6d41865-150200.4.14.1",
            "kpartx": "0.8.2+182.6d41865-150200.4.14.1"
        }
    ]
}

SUSE:Linux Enterprise Server 15 SP2-LTSS / multipath-tools

Package

Name: multipath-tools
Purl: purl:rpm/suse/multipath-tools&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.8.2+182.6d41865-150200.4.14.1

Ecosystem specific

{
    "binaries": [
        {
            "libdmmp0_2_0": "0.8.2+182.6d41865-150200.4.14.1",
            "multipath-tools-devel": "0.8.2+182.6d41865-150200.4.14.1",
            "libdmmp-devel": "0.8.2+182.6d41865-150200.4.14.1",
            "multipath-tools": "0.8.2+182.6d41865-150200.4.14.1",
            "kpartx": "0.8.2+182.6d41865-150200.4.14.1"
        }
    ]
}

SUSE:Linux Enterprise Server for SAP Applications 15 SP2 / multipath-tools

Package

Name: multipath-tools
Purl: purl:rpm/suse/multipath-tools&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.8.2+182.6d41865-150200.4.14.1

Ecosystem specific

{
    "binaries": [
        {
            "libdmmp0_2_0": "0.8.2+182.6d41865-150200.4.14.1",
            "multipath-tools-devel": "0.8.2+182.6d41865-150200.4.14.1",
            "libdmmp-devel": "0.8.2+182.6d41865-150200.4.14.1",
            "multipath-tools": "0.8.2+182.6d41865-150200.4.14.1",
            "kpartx": "0.8.2+182.6d41865-150200.4.14.1"
        }
    ]
}

SUSE:Manager Proxy 4.1 / multipath-tools

Package

Name: multipath-tools
Purl: purl:rpm/suse/multipath-tools&distro=SUSE%20Manager%20Proxy%204.1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.8.2+182.6d41865-150200.4.14.1

Ecosystem specific

{
    "binaries": [
        {
            "libdmmp0_2_0": "0.8.2+182.6d41865-150200.4.14.1",
            "multipath-tools-devel": "0.8.2+182.6d41865-150200.4.14.1",
            "libdmmp-devel": "0.8.2+182.6d41865-150200.4.14.1",
            "multipath-tools": "0.8.2+182.6d41865-150200.4.14.1",
            "kpartx": "0.8.2+182.6d41865-150200.4.14.1"
        }
    ]
}

SUSE:Manager Retail Branch Server 4.1 / multipath-tools

Package

Name: multipath-tools
Purl: purl:rpm/suse/multipath-tools&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.8.2+182.6d41865-150200.4.14.1

Ecosystem specific

{
    "binaries": [
        {
            "libdmmp0_2_0": "0.8.2+182.6d41865-150200.4.14.1",
            "multipath-tools-devel": "0.8.2+182.6d41865-150200.4.14.1",
            "libdmmp-devel": "0.8.2+182.6d41865-150200.4.14.1",
            "multipath-tools": "0.8.2+182.6d41865-150200.4.14.1",
            "kpartx": "0.8.2+182.6d41865-150200.4.14.1"
        }
    ]
}

SUSE:Manager Server 4.1 / multipath-tools

Package

Name: multipath-tools
Purl: purl:rpm/suse/multipath-tools&distro=SUSE%20Manager%20Server%204.1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.8.2+182.6d41865-150200.4.14.1

Ecosystem specific

{
    "binaries": [
        {
            "libdmmp0_2_0": "0.8.2+182.6d41865-150200.4.14.1",
            "multipath-tools-devel": "0.8.2+182.6d41865-150200.4.14.1",
            "libdmmp-devel": "0.8.2+182.6d41865-150200.4.14.1",
            "multipath-tools": "0.8.2+182.6d41865-150200.4.14.1",
            "kpartx": "0.8.2+182.6d41865-150200.4.14.1"
        }
    ]
}

SUSE:Enterprise Storage 7 / multipath-tools

Package

Name: multipath-tools
Purl: purl:rpm/suse/multipath-tools&distro=SUSE%20Enterprise%20Storage%207

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.8.2+182.6d41865-150200.4.14.1

Ecosystem specific

{
    "binaries": [
        {
            "libdmmp0_2_0": "0.8.2+182.6d41865-150200.4.14.1",
            "multipath-tools-devel": "0.8.2+182.6d41865-150200.4.14.1",
            "libdmmp-devel": "0.8.2+182.6d41865-150200.4.14.1",
            "multipath-tools": "0.8.2+182.6d41865-150200.4.14.1",
            "kpartx": "0.8.2+182.6d41865-150200.4.14.1"
        }
    ]
}