SUSE-SU-2022:3711-1 -- SLES multipath-tools, kpartx, libdmmp-devel, libdmmp0_2_0, libmpath0ID: oval:org.secpod.oval:def:89047700 | Date: (C)2022-10-28 (M)2023-11-30 |
Class: PATCH | Family: unix |
This update for multipath-tools fixes the following issues: - CVE-2022-41973: Fixed a symlink attack in multipathd. - CVE-2022-41974: Fixed an authorization bypass issue in multipathd. - Avoid linking to libreadline to avoid licensing issue - libmultipath: fix find_multipaths_timeout for unknown hardware - multipath-tools: fix 'multipath -ll' for Native NVME Multipath devices - multipathd: don"t switch to DAEMON_IDLE during startup - multipathd: avoid delays during uevent processing - multipathd: Don"t keep starting TUR threads, if they always hang. - Fix busy loop with delayed_reconfigure - multipath.conf: add support for 'protocol' subsection in 'overrides' section to set certain config options by protocol. - Removed the previously deprecated options getuid_callout, config_dir, multipath_dir, pg_timeout - Add disclaimer about vendor support - Change built-in defaults for NVMe: group by prio, and immediate failback - Fixes for minor issues reported by coverity - Fix for memory leak with uid_attrs - Updates for built in hardware db - Logging improvements - multipathd: use remove_map_callback for delayed reconfigure - Fix handling of path addition in read-only arrays on NVMe - Updates of built-in hardware database - libmultipath: only warn once about unsupported dev_loss_tmo
Platform: |
SUSE Linux Enterprise Desktop 15 SP4 |
SUSE Linux Enterprise Server 15 SP4 |
Product: |
multipath-tools |
kpartx |
libdmmp-devel |
libdmmp0_2_0 |
libmpath0 |