Security update for powerpc-utils SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:21067-1 Final 1 1 2025-11-10T14:24:22Z current 2025-11-10T14:24:22Z 2025-11-10T14:24:22Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for powerpc-utils This update for powerpc-utils fixes the following issues: - Start SMT service after networking (bsc#1249152 ltc#214730) - Fix inconsistent Core Online/Offline States Observed in lscpu and ppc64_cpu --info Command Outputs During DLPAR Operation (bsc#1246126 ltc#214064) - Fix HNV installation network conflicts across all distributions (jsc#PED-3946) - Fix negative values of idle PURR (bsc#1238322 ltc#210808) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-Micro-6.1-335 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202521067-1/ Link for SUSE-SU-2025:21067-1 https://lists.suse.com/pipermail/sle-security-updates/2025-November/023412.html E-Mail link for SUSE-SU-2025:21067-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1200731 SUSE Bug 1200731 https://bugzilla.suse.com/1238322 SUSE Bug 1238322 https://bugzilla.suse.com/1246126 SUSE Bug 1246126 https://bugzilla.suse.com/1249152 SUSE Bug 1249152 https://bugzilla.suse.com/430790 SUSE Bug 430790 https://bugzilla.suse.com/866675 SUSE Bug 866675 https://bugzilla.suse.com/869852 SUSE Bug 869852 https://bugzilla.suse.com/883174 SUSE Bug 883174 https://bugzilla.suse.com/886123 SUSE Bug 886123 https://bugzilla.suse.com/887275 SUSE Bug 887275 https://bugzilla.suse.com/933651 SUSE Bug 933651 https://www.suse.com/security/cve/CVE-2014-4040/ SUSE CVE CVE-2014-4040 page SUSE Linux Micro 6.1 powerpc-utils-1.3.12-slfo.1.1_5.1 powerpc-utils-1.3.12-slfo.1.1_5.1 as a component of SUSE Linux Micro 6.1 snap in powerpc-utils 1.2.20 produces an archive with fstab and yaboot.conf files potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive information by leveraging access to a technical-support data stream. CVE-2014-4040 SUSE Linux Micro 6.1:powerpc-utils-1.3.12-slfo.1.1_5.1 moderate 5 AV:N/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202521067-1/ https://www.suse.com/security/cve/CVE-2014-4040.html CVE-2014-4040 https://bugzilla.suse.com/883174 SUSE Bug 883174