An update that solves 5 vulnerabilities and has two fixes
is now available.
Description:
This update for kafka, kafka-kit fixes following issues:
Remove JDBCAppender, JMSSink, chainsaw from log4j jars during build to
prevent bsc#1194842, CVE-2022-23302, bsc#1194843, CVE-2022-23305,
bsc#1194844, CVE-2022-23307
Rebuild with kafka-kit change to Remove JMSAppender from log4j jars
during build to prevent bsc#1193662, CVE-2021-4104
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or âzypper patchâ.
Alternatively you can run the command listed for your product:
openSUSE Leap 15.3:
zypper in -t patch openSUSE-SLE-15.3-2022-40=1
openSUSE Backports SLE-15-SP2:
zypper in -t patch openSUSE-2022-40=1
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE Leap | 15.3 | x86_64 | <Â - openSUSE Leap 15.3 (x86_64): | - openSUSE Leap 15.3 (x86_64):.x86_64.rpm | |
openSUSE Backports SLE | 15-SP2 | aarch64 | - opensuse backports sle | <Â 15-SP2 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.aarch64.rpm |
openSUSE Backports SLE | 15-SP2 | ppc64le | - opensuse backports sle | <Â 15-SP2 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm |
openSUSE Backports SLE | 15-SP2 | s390x | - opensuse backports sle | <Â 15-SP2 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.s390x.rpm |
openSUSE Backports SLE | 15-SP2 | x86_64 | - opensuse backports sle | <Â 15-SP2 (aarch64 ppc64le s390x x86_64): | - openSUSE Backports SLE-15-SP2 (aarch64 ppc64le s390x x86_64):.x86_64.rpm |
openSUSE Backports SLE | 15-SP2 | x86_64 | - opensuse backports sle | <Â 15-SP2 (x86_64): | - openSUSE Backports SLE-15-SP2 (x86_64):.x86_64.rpm |