SUSE/OpenSUSE: PCP and Tumbleweed

posted by Roy Schestowitz on Sep 21, 2024

• LWN ☛ pcp: pmcd network daemon review (SUSE Security Team Blog)

  The SUSE Security Team Blog has a detailed review of the Performance Co-Pilot (PCP) 6.2.1 release:

  The rather complex PCP software suite was difficult to judge just from a cursory look, so we decided to take a closer look especially at PCP's networking logic at a later time. This report contains two CVEs and some non-CVE related findings we also gathered during the follow-up review.

• pcp: pmcd network daemon review (CVE-2024-45769), (CVE-2024-45770) | SUSE Security Team Blog

  Performance Co-Pilot (PCP) is a system for collecting system performance data and sharing it over the network. We performed a review of its main networking daemon component pmcd, which resulted in the finding of two CVEs and a couple of other noticeable aspects.

• Dominique Leuenberger ☛ Tumbleweed – Review of the week 2024/38

  Dear Tumbleweed users and hackers,

  The main task completed this week was bisecting/testing Mesa 24.1.7 together with Stefan Dirsch. Getting things tested was a bit nasty, but at least we managed to work through it and update Tumbleweed to Mesa 24.1.7 as part of snapshot 0915. Of course, that’s only one update picked out and it’s not the biggest one, just the one that consumed the most attention. In total, we have released six snapshots during this week (0912, 0913, 0915, 0916, 0917, and 0918).

  The most relevant changes were: [...]