Bug 1156920 - wpa_supplicant-2.9 is broken with wicked
Summary: wpa_supplicant-2.9 is broken with wicked
Status: RESOLVED FIXED
: 1144670 1157394 1167325 (view as bug list)
Alias: None
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Network (show other bugs)
Version: Current
Hardware: Other Other
: P2 - High : Major with 15 votes (vote)
Target Milestone: ---
Assignee: wicked maintainers
QA Contact: E-mail List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks: 1160654
  Show dependency treegraph
 
Reported: 2019-11-15 17:47 UTC by Roger Whittaker
Modified: 2023-05-11 06:48 UTC (History)
22 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Roger Whittaker 2019-11-15 17:47:07 UTC 
Unable to connect to wireless with wpa_supplicant-2.9-1.1.x86_64.

Downgrade to wpa_supplicant-2.6-9.1.x86_64.rpm solved the problem.

With 2.9-1.1, in /var/log/wpa_supplicant.log

1573837618.431976: wlp59s0: SME: Trying to authenticate with e4:95:6e:40:df:9d (SSID='rogeroffice' freq=2462 MHz)
1573837618.512991: wlp59s0: CTRL-EVENT-AUTH-REJECT e4:95:6e:40:df:9d auth_type=0 auth_transaction=2 status_code=1
1573837619.360496: wlp59s0: SME: Trying to authenticate with e4:95:6e:40:df:9d (SSID='rogeroffice' freq=2462 MHz)
1573837619.431234: wlp59s0: CTRL-EVENT-AUTH-REJECT e4:95:6e:40:df:9d auth_type=0 auth_transaction=2 status_code=1
1573837622.973427: wlp59s0: SME: Trying to authenticate with e4:95:6e:40:df:9d (SSID='rogeroffice' freq=2462 MHz)
1573837623.047145: wlp59s0: CTRL-EVENT-AUTH-REJECT e4:95:6e:40:df:9d auth_type=0 auth_transaction=2 status_code=1
1573837624.903588: wlp59s0: SME: Trying to authenticate with e4:95:6e:40:df:9d (SSID='rogeroffice' freq=2462 MHz)
1573837624.987293: wlp59s0: CTRL-EVENT-AUTH-REJECT e4:95:6e:40:df:9d auth_type=0 auth_transaction=2 status_code=1
1573837624.987338: wlp59s0: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="rogeroffice" auth_failures=1 duration=10 reason=CONN_FAILED
1573837634.854847: wlp59s0: CTRL-EVENT-SSID-REENABLED id=0 ssid="rogeroffice"
1573837634.854985: wlp59s0: SME: Trying to authenticate with e4:95:6e:40:df:9d (SSID='rogeroffice' freq=2462 MHz)
1573837634.935453: wlp59s0: CTRL-EVENT-AUTH-REJECT e4:95:6e:40:df:9d auth_type=0 auth_transaction=2 status_code=1
1573837634.935488: wlp59s0: CTRL-EVENT-SSID-TEMP-DISABLED id=0 ssid="rogeroffice" auth_failures=2 duration=20 reason=CONN_FAILED
1573837636.533619: wlp59s0: Reject scan trigger since one is already pending
1573837729.947335: nl80211: deinit ifname=p2p-dev-wlp59s0 disabled_11b_rates=0
1573837730.103068: nl80211: deinit ifname=wlp59s0 disabled_11b_rates=0

After downgrade:

1573839996.915081: wlp59s0: Trying to associate with e4:95:6e:40:df:9d (SSID='rogeroffice' freq=2462 MHz)
1573839996.973165: wlp59s0: Associated with e4:95:6e:40:df:9d
1573839996.990751: wlp59s0: WPA: Key negotiation completed with e4:95:6e:40:df:9d [PTK=CCMP GTK=CCMP]
1573839996.990876: wlp59s0: CTRL-EVENT-CONNECTED - Connection to e4:95:6e:40:df:9d completed [id=0 id_str=]
Comment 1 Roger Whittaker 2019-11-15 17:58:18 UTC 
hardware:

09: PCI 3b00.0: 0282 WLAN controller
  [Created at pci.386]
  Unique ID: 6MEi.0DCdC8nLf09
  Parent ID: z8Q3.q4o8LX05eKA
  SysFS ID: /devices/pci0000:00/0000:00:1c.0/0000:3b:00.0
  SysFS BusID: 0000:3b:00.0
  Hardware Class: network
  Model: "Intel Wireless-AC 9260"
  Vendor: pci 0x8086 "Intel Corporation"
  Device: pci 0x2526 "Wireless-AC 9260"
  SubVendor: pci 0x8086 "Intel Corporation"
  SubDevice: pci 0x4010 
  Revision: 0x29
  Driver: "iwlwifi"
  Driver Modules: "iwlwifi"
  Device File: wlp59s0
  Features: WLAN
  Memory Range: 0xed400000-0xed403fff (rw,non-prefetchable)
  IRQ: 16 (no events)
  HW Address: fc:77:74:22:4f:8e
  Permanent HW Address: fc:77:74:22:4f:8e
  Link detected: yes
  WLAN channels: 1 2 3 4 5 6 7 8 9 10 11 12 13 36 40 44 48 52 56 60 64 100 104 108 112 116 120 124 128 132 136 140
  WLAN frequencies: 2.412 2.417 2.422 2.427 2.432 2.437 2.442 2.447 2.452 2.457 2.462 2.467 2.472 5.18 5.2 5.22 5.24 5.26 5.28 5.3 5.32 5.5 5.52 5.54 5.56 5.58 5.6 5.62 5.64 5.66 5.68 5.7
  WLAN encryption modes: WEP40 WEP104 TKIP CCMP
  WLAN authentication modes: open sharedkey wpa-psk wpa-eap
  Module Alias: "pci:v00008086d00002526sv00008086sd00004010bc02sc80i00"
  Driver Info #0:
    Driver Status: iwlwifi is active
    Driver Activation Cmd: "modprobe iwlwifi"
  Config Status: cfg=no, avail=yes, need=no, active=unknown
  Attached to: #10 (PCI bridge)
Comment 2 Roger Whittaker 2019-11-15 18:03:36 UTC 
$ cat /etc/os-release 
NAME="openSUSE Tumbleweed"
# VERSION="20191112"
ID="opensuse-tumbleweed"
ID_LIKE="opensuse suse"
VERSION_ID="20191112"
PRETTY_NAME="openSUSE Tumbleweed"
ANSI_COLOR="0;32"
CPE_NAME="cpe:/o:opensuse:tumbleweed:20191112"
BUG_REPORT_URL="https://bugs.opensuse.org"
HOME_URL="https://www.opensuse.org/"
LOGO="distributor-logo"

$ uname -r
5.3.9-1-default
Comment 3 Roger Whittaker 2019-11-15 20:19:09 UTC 
Also in /var/log/messages the following type of messages were seen:

2019-11-15T17:10:40.973707+00:00 tweedledum wickedd[9213]: ni_wpa_interface_bind(wlp59s0): Interrupted system call
2019-11-15T17:10:40.973897+00:00 tweedledum wickedd[9213]: wpa_supplicant doesn't know interface wlp59s0

This is with wicked networking, but it was also impossible to connect using NetworkManager.
Comment 4 Bernhard Wiedemann 2019-11-28 04:58:44 UTC 
I also experienced this bug with wicked after the wpa_supplicant-2.9 update.

journalctl -b had an interesting extra information (that I cannot copy-paste for lack of WLAN) about dbus rejecting a getInterface access from wicked.
Comment 5 Roger Whittaker 2019-11-28 09:52:20 UTC 
Yes - I see this also:

Nov 28 09:41:05 tweedledum dbus-daemon[1859]: [system] Rejected send message, 1 matched rules; type="method_call", sender=":1.13" (uid=0 pid=2000 comm="/usr/sbin/wickedd --systemd --foreground ") interface="fi.epitest.hostap.WPASupplicant" member="getInterface" error name="(unset)" requested_reply="0" destination="fi.epitest.hostap.WPASupplicant" (bus)
Comment 6 Bernhard Wiedemann 2019-11-29 09:07:38 UTC 
I did
git clone git://w1.fi/hostap.git
git diff hostap_2_6..hostap_2_9

and it showed a deleted file
wpa_supplicant/dbus/dbus_old_handlers.c

- * Handler function for "getInterface" method call. Handles requests
- * by dbus clients for the object path of an specific network interface.
- */
-DBusMessage * wpas_dbus_global_get_interface(DBusMessage *message,
-                                            struct wpa_global *global)

Maybe this was a dropped deprecated method and wicked is still using it?
Comment 7 Roger Whittaker 2019-11-29 09:45:31 UTC 
In comment#3 I wrote: "This is with wicked networking, but it was also impossible to connect using NetworkManager."

After testing again, I see that this is FALSE - I CAN connect with NetworkManager,  but not with wicked.  

In the light of Bernhard's comment#6 above, this makes perfect sense and also explains why this issue has not been more widely reported, as not many people configure wireless using a static configuration in wicked.
Comment 8 Tomáš Chvátal 2019-12-02 09:40:44 UTC 
I tested it with networkmanager so only wicked is impacted really.
Now the question is if we should revert the removal of the dbus interface in wpa_supplicant or if we should fix the wicked to not rely on removed feature...
Comment 9 Karol Babioch 2019-12-02 09:47:48 UTC 
Hm, the wicked maintainers are actually very competent and responsive, so we could ask them to adjust accordingly. I haven't looked into the details yet, but in general I would rather stick with upstream and to keep some untested / unmaintained interfaces ...

However, I won't have time to work on this in the upcoming days / weeks :-/
Comment 10 Marius Tomaschewski 2019-12-11 13:22:54 UTC 
It's already on our TODO.

Wicked is still using the old dbus API, we need to migrate it to use the new one... in January.
Comment 11 Marius Tomaschewski 2019-12-11 13:24:23 UTC 
BTW: Workaround is to downgrade wpa_supplicant to < 2.8 AFAIK.
Comment 13 Bernhard Wiedemann 2020-01-31 02:08:51 UTC 
This probably also breaks NET installs over WLAN
Comment 14 Victor Zhestkov 2020-02-03 12:03:41 UTC 
Yes, it breaks NET installation over WIFI
Comment 15 Anatol Belski 2020-02-03 13:15:26 UTC 
Based on the previous suggestion from Bernhard, i was able to fix this issue on the current Tumbleweed aarch64 as well. Eg.

zypper in libopenssl1_0_0
rpm -U --oldpackage https://rpmfind.net/linux/opensuse/ports/update/leap/42.3/oss/aarch64/wpa_supplicant-2.6-16.1.aarch64.rpm
zypper al --type package wpa_supplicant 

Using the latest leap package seems to be suitable for now, so it seems to be a worky trick.

Thanks.
Comment 16 Martin Dornblüth 2020-02-14 19:44:36 UTC 
(In reply to Marius Tomaschewski from comment #10)
> It's already on our TODO.
> 
> Wicked is still using the old dbus API, we need to migrate it to use the new
> one... in January.

Dear Marius,
is there a schedule for the fix? I very much appreciate the "wicked" way to connect to the network, so I'm keen on the solution...
Comment 17 Marius Tomaschewski 2020-02-25 15:18:04 UTC 
We'll make a release tomorrow, but it will not include the new wpa API support.

It is not yet ready due to other high-prio issues (and more changed needed
than expected), sorry!
We continue to work on it, but because of the same reasons it is hard to
estimate when we can release it.

Once we're done so far with most use-cases and start the final testing,
the github pull request will be merged into testing branch with Test-RPMs
available at:
  https://build.opensuse.org/project/show/network:wicked:testing

We'll notify you about in this bug report then, so you can try it out before
it gets submitted to factory.
Comment 18 Martin Dornblüth 2020-03-09 11:37:30 UTC 
(In reply to Marius Tomaschewski from comment #17)
> We'll make a release tomorrow, but it will not include the new wpa API
> support.
> 
> It is not yet ready due to other high-prio issues (and more changed needed
> than expected), sorry!
> We continue to work on it, but because of the same reasons it is hard to
> estimate when we can release it.
> 
> Once we're done so far with most use-cases and start the final testing,
> the github pull request will be merged into testing branch with Test-RPMs
> available at:
>   https://build.opensuse.org/project/show/network:wicked:testing
> 
> We'll notify you about in this bug report then, so you can try it out before
> it gets submitted to factory.

Thank you for the reply and your commitment for the project!
Comment 19 Rubén Torrero Marijnissen 2020-03-23 13:53:52 UTC 
*** Bug 1157394 has been marked as a duplicate of this bug. ***
Comment 20 Rubén Torrero Marijnissen 2020-03-26 09:38:59 UTC 
*** Bug 1167325 has been marked as a duplicate of this bug. ***
Comment 21 Roger Whittaker 2020-04-08 15:35:28 UTC 
Just for the record, following a mention on the opensuse-factory list this problem does not seem to have been fixed by 2.9-2.1.
Comment 22 Roger Whittaker 2020-04-08 16:02:22 UTC 
Because a wicked fix is needed.
Comment 23 Bernhard Wiedemann 2020-04-17 14:48:11 UTC 
(In reply to Roger Whittaker from comment #22)
> Because a wicked fix is needed.

That is only 1 of the possible solutions.

I just submitted a fix to wpa_supplicant:
https://build.opensuse.org/request/show/794935

It is a plain revert of the "Drop the old D-BUS interface" commit
and a 2-line patch ontop to compensate for API changes since 2019.

Not sure why we didnt try that earlier...

P.S.
I am submitting this comment from my Tumbleweed laptop with wpa_supplicant-2.9
Comment 24 Roger Whittaker 2020-04-28 10:18:27 UTC 
# grep VERSION_ID /etc/os-release
VERSION_ID="20200425"

# rpm -q wpa_supplicant
wpa_supplicant-2.9-3.1.x86_64

And it works as expected.  Thanks very much Bernhard for your work.
Comment 28 Swamp Workflow Management 2020-11-19 14:28:41 UTC 
SUSE-SU-2020:3380-1: An update that fixes 22 vulnerabilities, contains one feature is now available.

Category: security (moderate)
Bug References: 1131644,1131868,1131870,1131871,1131872,1131874,1133640,1144443,1150934,1156920,1166933,1167331,930077,930078,930079
CVE References: CVE-2015-4141,CVE-2015-4142,CVE-2015-4143,CVE-2015-8041,CVE-2017-13077,CVE-2017-13078,CVE-2017-13079,CVE-2017-13080,CVE-2017-13081,CVE-2017-13082,CVE-2017-13086,CVE-2017-13087,CVE-2017-13088,CVE-2018-14526,CVE-2019-11555,CVE-2019-13377,CVE-2019-16275,CVE-2019-9494,CVE-2019-9495,CVE-2019-9497,CVE-2019-9498,CVE-2019-9499
JIRA References: SLE-14992
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    wpa_supplicant-2.9-4.20.1
SUSE Linux Enterprise Server 15-LTSS (src):    wpa_supplicant-2.9-4.20.1
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    wpa_supplicant-2.9-4.20.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    wpa_supplicant-2.9-4.20.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    wpa_supplicant-2.9-4.20.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    wpa_supplicant-2.9-4.20.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 29 Swamp Workflow Management 2020-11-19 20:19:23 UTC 
SUSE-SU-2020:3424-1: An update that fixes 19 vulnerabilities, contains one feature is now available.

Category: security (moderate)
Bug References: 1131644,1131868,1131870,1131871,1131872,1131874,1133640,1144443,1150934,1156920,1165266,1166933,1167331
CVE References: CVE-2015-8041,CVE-2017-13077,CVE-2017-13078,CVE-2017-13079,CVE-2017-13080,CVE-2017-13081,CVE-2017-13082,CVE-2017-13086,CVE-2017-13087,CVE-2017-13088,CVE-2018-14526,CVE-2019-11555,CVE-2019-13377,CVE-2019-16275,CVE-2019-9494,CVE-2019-9495,CVE-2019-9497,CVE-2019-9498,CVE-2019-9499
JIRA References: SLE-14992
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    wpa_supplicant-2.9-23.3.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 30 Marius Tomaschewski 2020-11-23 10:55:19 UTC 
*** Bug 1144670 has been marked as a duplicate of this bug. ***
Comment 31 Swamp Workflow Management 2020-11-26 20:40:46 UTC 
openSUSE-SU-2020:2053-1: An update that fixes 22 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1131644,1131868,1131870,1131871,1131872,1131874,1133640,1144443,1150934,1156920,1166933,1167331,930077,930078,930079
CVE References: CVE-2015-4141,CVE-2015-4142,CVE-2015-4143,CVE-2015-8041,CVE-2017-13077,CVE-2017-13078,CVE-2017-13079,CVE-2017-13080,CVE-2017-13081,CVE-2017-13082,CVE-2017-13086,CVE-2017-13087,CVE-2017-13088,CVE-2018-14526,CVE-2019-11555,CVE-2019-13377,CVE-2019-16275,CVE-2019-9494,CVE-2019-9495,CVE-2019-9497,CVE-2019-9498,CVE-2019-9499
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    wpa_supplicant-2.9-lp151.5.10.1
Comment 32 Swamp Workflow Management 2020-11-27 11:18:21 UTC 
openSUSE-SU-2020:2059-1: An update that fixes 22 vulnerabilities is now available.

Category: security (moderate)
Bug References: 1131644,1131868,1131870,1131871,1131872,1131874,1133640,1144443,1150934,1156920,1166933,1167331,930077,930078,930079
CVE References: CVE-2015-4141,CVE-2015-4142,CVE-2015-4143,CVE-2015-8041,CVE-2017-13077,CVE-2017-13078,CVE-2017-13079,CVE-2017-13080,CVE-2017-13081,CVE-2017-13082,CVE-2017-13086,CVE-2017-13087,CVE-2017-13088,CVE-2018-14526,CVE-2019-11555,CVE-2019-13377,CVE-2019-16275,CVE-2019-9494,CVE-2019-9495,CVE-2019-9497,CVE-2019-9498,CVE-2019-9499
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    wpa_supplicant-2.9-lp152.8.3.1
Comment 33 OBSbugzilla Bot 2021-06-15 19:00:12 UTC 
This is an autogenerated message for OBS integration:
This bug (1156920) was mentioned in
https://build.opensuse.org/request/show/900218 Factory / wicked
Comment 37 Swamp Workflow Management 2022-02-03 14:18:38 UTC 
SUSE-RU-2022:0317-1: An update that has 15 recommended fixes and contains one feature can now be installed.

Category: recommended (moderate)
Bug References: 1057592,1156920,1160654,1178357,1181163,1181812,1182227,1183407,1183495,1188019,1189560,1192164,1192311,1192353,1194392
CVE References: 
JIRA References: SLE-9750
Sources used:
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src):    wicked-0.6.68-150300.4.5.1
SUSE Linux Enterprise Micro 5.1 (src):    wicked-0.6.68-150300.4.5.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 38 Swamp Workflow Management 2022-02-03 14:22:22 UTC 
SUSE-RU-2022:0318-1: An update that has 19 recommended fixes and contains one feature can now be installed.

Category: recommended (moderate)
Bug References: 1029961,1057592,1156920,1160654,1177215,1178357,1181163,1181186,1181812,1182227,1183407,1183495,1188019,1189560,1192164,1192311,1192353,1194392,954329
CVE References: 
JIRA References: SLE-9750
Sources used:
SUSE OpenStack Cloud Crowbar 8 (src):    wicked-0.6.68-38.45.1
SUSE OpenStack Cloud 8 (src):    wicked-0.6.68-38.45.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    wicked-0.6.68-38.45.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    wicked-0.6.68-38.45.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    wicked-0.6.68-38.45.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    wicked-0.6.68-38.45.1
HPE Helion Openstack 8 (src):    wicked-0.6.68-38.45.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 39 Swamp Workflow Management 2022-02-03 14:24:47 UTC 
openSUSE-RU-2022:0317-1: An update that has 15 recommended fixes and contains one feature can now be installed.

Category: recommended (moderate)
Bug References: 1057592,1156920,1160654,1178357,1181163,1181812,1182227,1183407,1183495,1188019,1189560,1192164,1192311,1192353,1194392
CVE References: 
JIRA References: SLE-9750
Sources used:
openSUSE Leap 15.3 (src):    wicked-0.6.68-150300.4.5.1
Comment 40 Swamp Workflow Management 2022-02-03 14:26:39 UTC 
SUSE-RU-2022:0315-1: An update that has 19 recommended fixes and contains one feature can now be installed.

Category: recommended (moderate)
Bug References: 1029961,1057592,1156920,1160654,1177215,1178357,1181163,1181186,1181812,1182227,1183407,1183495,1188019,1189560,1192164,1192311,1192353,1194392,954329
CVE References: 
JIRA References: SLE-9750
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    wicked-0.6.68-3.16.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 41 Marius Tomaschewski 2022-02-07 11:06:17 UTC 
wicked-0.6.68 (https://github.com/openSUSE/wicked/releases/tag/version-0.6.68)
submitted + accepted to all code streams, migration to the new DBUS API in
wicked-0.6.66 (https://github.com/openSUSE/wicked/releases/tag/version-0.6.66)
Comment 42 Swamp Workflow Management 2022-02-08 08:17:44 UTC 
SUSE-RU-2022:0345-1: An update that has 19 recommended fixes and contains one feature can now be installed.

Category: recommended (moderate)
Bug References: 1029961,1057592,1156920,1160654,1177215,1178357,1181163,1181186,1181812,1182227,1183407,1183495,1188019,1189560,1192164,1192311,1192353,1194392,954329
CVE References: 
JIRA References: SLE-9750
Sources used:
SUSE Linux Enterprise Server for SAP 15-SP1 (src):    wicked-0.6.68-3.24.1
SUSE Linux Enterprise Server 15-SP1-LTSS (src):    wicked-0.6.68-3.24.1
SUSE Linux Enterprise Server 15-SP1-BCL (src):    wicked-0.6.68-3.24.1
SUSE Linux Enterprise High Performance Computing 15-SP1-LTSS (src):    wicked-0.6.68-3.24.1
SUSE Linux Enterprise High Performance Computing 15-SP1-ESPOS (src):    wicked-0.6.68-3.24.1
SUSE Enterprise Storage 6 (src):    wicked-0.6.68-3.24.1
SUSE CaaS Platform 4.0 (src):    wicked-0.6.68-3.24.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 43 Swamp Workflow Management 2022-02-08 17:20:54 UTC 
SUSE-RU-2022:0346-1: An update that has 19 recommended fixes and contains one feature can now be installed.

Category: recommended (moderate)
Bug References: 1029961,1057592,1156920,1160654,1177215,1178357,1181163,1181186,1181812,1182227,1183407,1183495,1188019,1189560,1192164,1192311,1192353,1194392,954329
CVE References: 
JIRA References: SLE-9750
Sources used:
SUSE Manager Server 4.1 (src):    wicked-0.6.68-3.8.1
SUSE Manager Retail Branch Server 4.1 (src):    wicked-0.6.68-3.8.1
SUSE Manager Proxy 4.1 (src):    wicked-0.6.68-3.8.1
SUSE Linux Enterprise Server for SAP 15-SP2 (src):    wicked-0.6.68-3.8.1
SUSE Linux Enterprise Server 15-SP2-LTSS (src):    wicked-0.6.68-3.8.1
SUSE Linux Enterprise Server 15-SP2-BCL (src):    wicked-0.6.68-3.8.1
SUSE Linux Enterprise Micro 5.0 (src):    wicked-0.6.68-3.8.1
SUSE Linux Enterprise High Performance Computing 15-SP2-LTSS (src):    wicked-0.6.68-3.8.1
SUSE Linux Enterprise High Performance Computing 15-SP2-ESPOS (src):    wicked-0.6.68-3.8.1
SUSE Enterprise Storage 7 (src):    wicked-0.6.68-3.8.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 46 Swamp Workflow Management 2022-05-26 10:18:35 UTC 
SUSE-SU-2022:1853-1: An update that fixes 20 vulnerabilities, contains one feature is now available.

Category: security (important)
Bug References: 1131644,1131868,1131870,1131871,1131872,1131874,1133640,1144443,1156920,1165266,1166933,1167331,1182805,1194732,1194733
CVE References: CVE-2015-8041,CVE-2017-13077,CVE-2017-13078,CVE-2017-13079,CVE-2017-13080,CVE-2017-13081,CVE-2017-13082,CVE-2017-13086,CVE-2017-13087,CVE-2017-13088,CVE-2018-14526,CVE-2019-11555,CVE-2019-13377,CVE-2019-9494,CVE-2019-9495,CVE-2019-9497,CVE-2019-9498,CVE-2019-9499,CVE-2022-23303,CVE-2022-23304
JIRA References: SLE-14992
Sources used:
SUSE OpenStack Cloud Crowbar 9 (src):    wpa_supplicant-2.9-15.22.1
SUSE OpenStack Cloud Crowbar 8 (src):    wpa_supplicant-2.9-15.22.1
SUSE OpenStack Cloud 9 (src):    wpa_supplicant-2.9-15.22.1
SUSE OpenStack Cloud 8 (src):    wpa_supplicant-2.9-15.22.1
SUSE Linux Enterprise Server for SAP 12-SP4 (src):    wpa_supplicant-2.9-15.22.1
SUSE Linux Enterprise Server for SAP 12-SP3 (src):    wpa_supplicant-2.9-15.22.1
SUSE Linux Enterprise Server 12-SP4-LTSS (src):    wpa_supplicant-2.9-15.22.1
SUSE Linux Enterprise Server 12-SP3-LTSS (src):    wpa_supplicant-2.9-15.22.1
SUSE Linux Enterprise Server 12-SP3-BCL (src):    wpa_supplicant-2.9-15.22.1
SUSE Linux Enterprise Server 12-SP2-BCL (src):    wpa_supplicant-2.9-15.22.1
HPE Helion Openstack 8 (src):    wpa_supplicant-2.9-15.22.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.