{"affected":[{"ecosystem_specific":{"binaries":[{"supportutils":"3.1.26-150300.7.35.21.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Micro 5.5","name":"supportutils","purl":"pkg:rpm/suse/supportutils&distro=SUSE%20Linux%20Enterprise%20Micro%205.5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.1.26-150300.7.35.21.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for supportutils fixes the following issues:\n\nSecurity fixes:\n\n- CVE-2022-45154: Removed iSCSI passwords (bsc#1207598).\n\nOther Fixes:\n\n- Changes in version 3.1.26\n  + powerpc plugin to collect the slots and active memory (bsc#1210950)\n  + A Cleartext Storage of Sensitive Information vulnerability CVE-2022-45154\n  + supportconfig: collect BPF information (pr#154)\n  + Added additional iscsi information (pr#155)\n\n- Added run time detection (bsc#1213127)\n\n- Changes for supportutils version 3.1.25\n  + Removed iSCSI passwords CVE-2022-45154 (bsc#1207598)\n  + powerpc: Collect lsslot,amsstat, and opal elogs (pr#149)\n  + powerpc: collect invscout logs (pr#150)\n  + powerpc: collect RMC status logs (pr#151)\n  + Added missing nvme nbft commands (bsc#1211599)\n  + Fixed invalid nvme commands (bsc#1211598)\n  + Added missing podman information (PED-1703, bsc#1181477)\n  + Removed dependency on sysfstools\n  + Check for systool use (bsc#1210015)\n  + Added selinux checking (bsc#1209979)\n  + Updated SLES_VER matrix\n\n- Fixed missing status detail for apparmor (bsc#1196933)\n- Corrected invalid argument list in docker.txt (bsc#1206608)\n- Applies limit equally to sar data and text files (bsc#1207543)\n- Collects hwinfo hardware logs (bsc#1208928)\n- Collects lparnumascore logs (issue#148)\n\n- Add dependency to `numactl` on ppc64le and `s390x`, this enforces\n  that `numactl --hardware` data is provided in supportconfigs\n\n- Changes to supportconfig.rc version 3.1.11-35\n  + Corrected _sanitize_file to include iscsi.conf and others (bsc#1206402)\n\n- Changes to supportconfig version 3.1.11-46.4\n  + Added plymouth_info \n\n- Changes to getappcore version 1.53.02\n  + The location of chkbin was updated earlier. This documents that\n    change (bsc#1205533, bsc#1204942)\n","id":"SUSE-SU-2023:3822-2","modified":"2023-10-18T19:05:42Z","published":"2023-10-18T19:05:42Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20233822-2/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1181477"},{"type":"REPORT","url":"https://bugzilla.suse.com/1196933"},{"type":"REPORT","url":"https://bugzilla.suse.com/1204942"},{"type":"REPORT","url":"https://bugzilla.suse.com/1205533"},{"type":"REPORT","url":"https://bugzilla.suse.com/1206402"},{"type":"REPORT","url":"https://bugzilla.suse.com/1206608"},{"type":"REPORT","url":"https://bugzilla.suse.com/1207543"},{"type":"REPORT","url":"https://bugzilla.suse.com/1207598"},{"type":"REPORT","url":"https://bugzilla.suse.com/1208928"},{"type":"REPORT","url":"https://bugzilla.suse.com/1209979"},{"type":"REPORT","url":"https://bugzilla.suse.com/1210015"},{"type":"REPORT","url":"https://bugzilla.suse.com/1210950"},{"type":"REPORT","url":"https://bugzilla.suse.com/1211598"},{"type":"REPORT","url":"https://bugzilla.suse.com/1211599"},{"type":"REPORT","url":"https://bugzilla.suse.com/1213127"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-45154"}],"related":["CVE-2022-45154"],"summary":"Security update for supportutils","upstream":["CVE-2022-45154"]}