{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"important"},"category":"csaf_security_advisory","csaf_version":"2.0","distribution":{"text":"Copyright 2024 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"Feature update for tcl and tk","title":"Title of the patch"},{"category":"description","text":"This feature update for tcl and tk fix the following issues:\n\nUpdate tcl and tk to version 8.6.12 (jsc#SLE-21015, jsc#SLE-23283):\n\n- Move tcl.macros to /usr/lib/rpm/macros.d (bsc#1185662) \n- Use FAT LTO objects in order to provide proper static library (bsc#1138797)\n- Fix tcl build issues on s390 architecture (bnc#1085480)\n- Fix tcl build issues caused by deprecated libieee in tcl configs (bsc#1179615, bsc#1181840)\n- Whitelist PowerPC tests that are not needed  (bsc#1072657)\n- Add [combobox current] support 'end' index\n- Add fixes in [text] bindings\n- Add missing 'deferred clear code' support to GIF photo images\n- Add new virtual event <<TkWorldChanged>> \n- Add new keycodes: CodeInput, SingleCandidate, MultipleCandidate, PreviousCandidate\n- Add new support for POSIX error: EILSEQ\n- Add new command [tcl::unsupported::corotype]\n- Add new command [tcl::unsupported::timerate] for performance testing\n- Add new option -state to [ttk::scale]\n- Add portable keycodes: OE, oe, Ydiaeresis\n- Add support for backrefs in [array names -regexp]\n- Add support for Unicode 14\n- Disfavor Master/Slave terminology\n- Enhance [oo::object] to acquire or lose a class identity dynamically\n- Fix canvas rotated text overlap detection\n- Fix canvas closed polylines yo fully honor -joinstyle\n- Fix display of Long non-wrapped lines in text\n- Fix display treeview focus ring when -selectmode none\n- Fix focus events not to break entry validation\n- Fix [package prefer stable] failing case\n- Fix auto_path initialization by Safe Base interps\n- Fix bad interaction between grab and mouse pointer warp\n- Fix borderwidth calculations on menu items\n- Fix cascade tearoff menu redraw artifacts\n- Fix coords rounding when drawing canvas items\n- Fix corrupt result from [$c postscript] with -file or -channel\n- Fix errno management in socket full close\n- Fix failure when a [proc] argument name is computed, not literal\n- Fix focus on unmapped windows\n- Fix handling of duplicates in spinbox -values list\n- Fix incomplete read of multi-image GIF\n- Fix initialization order of static package in wish \n- Fix issue when trying to display angled text without Xft\n- Fix issue with font initialization when no font is installed\n- Fix problems with Noto Color Emoji font\n- Fix race conditions in [file delete] and [file mkdir]\n- Fix Std channel initialization for multi-thread operations\n- Fix tearoff menu redraw artifacts\n- Fix up arrow key in [text] to correctly move cursor to index 1.0\n- Fix various cursor issues\n- Fix various encoding issues\n- Fix various fontchooser issues\n- Fix various issues causing crashes and hang in\n- Fix various memory issues\n- Fix various scrolling bugs and add improvements\n- Fix 32/64-bit confusion of FS DIR operations reported for AIX\n- Improve appearance of text selection in [*entry] widgets\n- Improve checkbutton handling of -selectcolor\n- Improve handling of resolution changes\n- Improve multi-thread safety when Xft is in use \n- Improve ttk high-contrast-mode support\n- Improve emoji support\n- Improve legacy support for [tk_setPalette]\n- Make combobox -postoffset option work with default style\n- Make spinbox use proper names in query of option database\n- Menu flaws when empty menubar clicked\n- New index argument in [$menubutton post x y index]\n- Preserve canvas tag list order during add/delete\n- Prevent cross-manager loops of geom management\n- Rewrite of zlib inflation for multi-stream and completeness\n- Run fileevents in proper thread after [thread::attach $channel]\n- Stop [unload] corruption of list of loaded packages\n- Stop app switching exposing withdrawn windows as zombies\n- Tk now denied access to PRIMARY selection from safe interps\n- TkpDrawAngledCharsInContext leaked a CGColor\n- Try to restore Tcl's [update] command when Tk is unloaded\n- Changed [info * methods] to include mixins\n- [package require] is now NR-enabled\n\nThe following fixes might show some potential incompatibilities with existing software:\n\n- Revised [binary (en|de)code base64] for RFC compliance and roundtrip\n- Fix precision of Tcl_DStringAppendElement quoting of #\n- Extended [clock scan] ISO format and time zone support\n- Allow for select/copy from disabled text widget on all platforms\n- Revised case of [info loaded] module names\n- [info hostname] reports DNS name, not NetBIOS name\n- Force -eofchar \\032 when evaluating library scripts\n- Revised error messages: 'too few' => 'not enough'\n- Performed rewrite of Tk event loop to prevent ring overflow\n- Refactored all MouseWheel bindings\n- Revised precision of ::scale widget tick mark values\n- Prevent transient window cycles (crashed on Aqua)\n- Builds no longer use -lieee\n- Quoting of command line arguments by [exec] on Windows revised. Prior\n  quoting rules left holes where some values would not pass through, but\n  could trigger substitutions or program execution. See\n  https://core.tcl-lang.org/tcl/info/21b0629c81 \n- [lreplace] accepts all out-of-range index values\n","title":"Description of the patch"},{"category":"details","text":"SUSE-2022-484,SUSE-SLE-SDK-12-SP5-2022-484,SUSE-SLE-SERVER-12-SP5-2022-484","title":"Patchnames"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"SUSE ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"self","summary":"URL of this CSAF notice","url":"https://ftp.suse.com/pub/projects/security/csaf/suse-fu-2022_0484-1.json"},{"category":"self","summary":"URL for SUSE-FU-2022:0484-1","url":"https://www.suse.com/support/update/announcement//suse-fu-20220484-1/"},{"category":"self","summary":"E-Mail link for SUSE-FU-2022:0484-1","url":"https://lists.suse.com/pipermail/sle-updates/2022-February/021757.html"},{"category":"self","summary":"SUSE Bug 1072657","url":"https://bugzilla.suse.com/1072657"},{"category":"self","summary":"SUSE Bug 1085480","url":"https://bugzilla.suse.com/1085480"},{"category":"self","summary":"SUSE Bug 1138797","url":"https://bugzilla.suse.com/1138797"},{"category":"self","summary":"SUSE Bug 1179615","url":"https://bugzilla.suse.com/1179615"},{"category":"self","summary":"SUSE Bug 1181840","url":"https://bugzilla.suse.com/1181840"},{"category":"self","summary":"SUSE Bug 1185662","url":"https://bugzilla.suse.com/1185662"},{"category":"self","summary":"SUSE Bug 1195257","url":"https://bugzilla.suse.com/1195257"},{"category":"self","summary":"SUSE CVE CVE-2021-35331 page","url":"https://www.suse.com/security/cve/CVE-2021-35331/"}],"title":"Feature update for tcl and tk","tracking":{"current_release_date":"2022-02-18T03:29:03Z","generator":{"date":"2022-02-18T03:29:03Z","engine":{"name":"cve-database.git:bin/generate-csaf.pl","version":"1"}},"id":"SUSE-FU-2022:0484-1","initial_release_date":"2022-02-18T03:29:03Z","revision_history":[{"date":"2022-02-18T03:29:03Z","number":"1","summary":"Current version"}],"status":"final","version":"1"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_version","name":"tcl-8.6.12-11.3.1.aarch64","product":{"name":"tcl-8.6.12-11.3.1.aarch64","product_id":"tcl-8.6.12-11.3.1.aarch64"}},{"category":"product_version","name":"tcl-devel-8.6.12-11.3.1.aarch64","product":{"name":"tcl-devel-8.6.12-11.3.1.aarch64","product_id":"tcl-devel-8.6.12-11.3.1.aarch64"}},{"category":"product_version","name":"tk-8.6.12-11.3.1.aarch64","product":{"name":"tk-8.6.12-11.3.1.aarch64","product_id":"tk-8.6.12-11.3.1.aarch64"}},{"category":"product_version","name":"tk-devel-8.6.12-11.3.1.aarch64","product":{"name":"tk-devel-8.6.12-11.3.1.aarch64","product_id":"tk-devel-8.6.12-11.3.1.aarch64"}}],"category":"architecture","name":"aarch64"},{"branches":[{"category":"product_version","name":"tcl-64bit-8.6.12-11.3.1.aarch64_ilp32","product":{"name":"tcl-64bit-8.6.12-11.3.1.aarch64_ilp32","product_id":"tcl-64bit-8.6.12-11.3.1.aarch64_ilp32"}},{"category":"product_version","name":"tk-64bit-8.6.12-11.3.1.aarch64_ilp32","product":{"name":"tk-64bit-8.6.12-11.3.1.aarch64_ilp32","product_id":"tk-64bit-8.6.12-11.3.1.aarch64_ilp32"}}],"category":"architecture","name":"aarch64_ilp32"},{"branches":[{"category":"product_version","name":"tcl-8.6.12-11.3.1.i586","product":{"name":"tcl-8.6.12-11.3.1.i586","product_id":"tcl-8.6.12-11.3.1.i586"}},{"category":"product_version","name":"tcl-devel-8.6.12-11.3.1.i586","product":{"name":"tcl-devel-8.6.12-11.3.1.i586","product_id":"tcl-devel-8.6.12-11.3.1.i586"}},{"category":"product_version","name":"tk-8.6.12-11.3.1.i586","product":{"name":"tk-8.6.12-11.3.1.i586","product_id":"tk-8.6.12-11.3.1.i586"}},{"category":"product_version","name":"tk-devel-8.6.12-11.3.1.i586","product":{"name":"tk-devel-8.6.12-11.3.1.i586","product_id":"tk-devel-8.6.12-11.3.1.i586"}}],"category":"architecture","name":"i586"},{"branches":[{"category":"product_version","name":"tcl-8.6.12-11.3.1.ppc64le","product":{"name":"tcl-8.6.12-11.3.1.ppc64le","product_id":"tcl-8.6.12-11.3.1.ppc64le"}},{"category":"product_version","name":"tcl-devel-8.6.12-11.3.1.ppc64le","product":{"name":"tcl-devel-8.6.12-11.3.1.ppc64le","product_id":"tcl-devel-8.6.12-11.3.1.ppc64le"}},{"category":"product_version","name":"tk-8.6.12-11.3.1.ppc64le","product":{"name":"tk-8.6.12-11.3.1.ppc64le","product_id":"tk-8.6.12-11.3.1.ppc64le"}},{"category":"product_version","name":"tk-devel-8.6.12-11.3.1.ppc64le","product":{"name":"tk-devel-8.6.12-11.3.1.ppc64le","product_id":"tk-devel-8.6.12-11.3.1.ppc64le"}}],"category":"architecture","name":"ppc64le"},{"branches":[{"category":"product_version","name":"tcl-8.6.12-11.3.1.s390","product":{"name":"tcl-8.6.12-11.3.1.s390","product_id":"tcl-8.6.12-11.3.1.s390"}},{"category":"product_version","name":"tcl-devel-8.6.12-11.3.1.s390","product":{"name":"tcl-devel-8.6.12-11.3.1.s390","product_id":"tcl-devel-8.6.12-11.3.1.s390"}},{"category":"product_version","name":"tk-8.6.12-11.3.1.s390","product":{"name":"tk-8.6.12-11.3.1.s390","product_id":"tk-8.6.12-11.3.1.s390"}},{"category":"product_version","name":"tk-devel-8.6.12-11.3.1.s390","product":{"name":"tk-devel-8.6.12-11.3.1.s390","product_id":"tk-devel-8.6.12-11.3.1.s390"}}],"category":"architecture","name":"s390"},{"branches":[{"category":"product_version","name":"tcl-8.6.12-11.3.1.s390x","product":{"name":"tcl-8.6.12-11.3.1.s390x","product_id":"tcl-8.6.12-11.3.1.s390x"}},{"category":"product_version","name":"tcl-32bit-8.6.12-11.3.1.s390x","product":{"name":"tcl-32bit-8.6.12-11.3.1.s390x","product_id":"tcl-32bit-8.6.12-11.3.1.s390x"}},{"category":"product_version","name":"tcl-devel-8.6.12-11.3.1.s390x","product":{"name":"tcl-devel-8.6.12-11.3.1.s390x","product_id":"tcl-devel-8.6.12-11.3.1.s390x"}},{"category":"product_version","name":"tk-8.6.12-11.3.1.s390x","product":{"name":"tk-8.6.12-11.3.1.s390x","product_id":"tk-8.6.12-11.3.1.s390x"}},{"category":"product_version","name":"tk-32bit-8.6.12-11.3.1.s390x","product":{"name":"tk-32bit-8.6.12-11.3.1.s390x","product_id":"tk-32bit-8.6.12-11.3.1.s390x"}},{"category":"product_version","name":"tk-devel-8.6.12-11.3.1.s390x","product":{"name":"tk-devel-8.6.12-11.3.1.s390x","product_id":"tk-devel-8.6.12-11.3.1.s390x"}}],"category":"architecture","name":"s390x"},{"branches":[{"category":"product_version","name":"tcl-8.6.12-11.3.1.x86_64","product":{"name":"tcl-8.6.12-11.3.1.x86_64","product_id":"tcl-8.6.12-11.3.1.x86_64"}},{"category":"product_version","name":"tcl-32bit-8.6.12-11.3.1.x86_64","product":{"name":"tcl-32bit-8.6.12-11.3.1.x86_64","product_id":"tcl-32bit-8.6.12-11.3.1.x86_64"}},{"category":"product_version","name":"tcl-devel-8.6.12-11.3.1.x86_64","product":{"name":"tcl-devel-8.6.12-11.3.1.x86_64","product_id":"tcl-devel-8.6.12-11.3.1.x86_64"}},{"category":"product_version","name":"tk-8.6.12-11.3.1.x86_64","product":{"name":"tk-8.6.12-11.3.1.x86_64","product_id":"tk-8.6.12-11.3.1.x86_64"}},{"category":"product_version","name":"tk-32bit-8.6.12-11.3.1.x86_64","product":{"name":"tk-32bit-8.6.12-11.3.1.x86_64","product_id":"tk-32bit-8.6.12-11.3.1.x86_64"}},{"category":"product_version","name":"tk-devel-8.6.12-11.3.1.x86_64","product":{"name":"tk-devel-8.6.12-11.3.1.x86_64","product_id":"tk-devel-8.6.12-11.3.1.x86_64"}}],"category":"architecture","name":"x86_64"},{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Software Development Kit 12 SP5","product":{"name":"SUSE Linux Enterprise Software Development Kit 12 SP5","product_id":"SUSE Linux Enterprise Software Development Kit 12 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sle-sdk:12:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server 12 SP5","product":{"name":"SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sles:12:sp5"}}},{"category":"product_name","name":"SUSE Linux Enterprise Server for SAP Applications 12 SP5","product":{"name":"SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_identification_helper":{"cpe":"cpe:/o:suse:sles_sap:12:sp5"}}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"tcl-devel-8.6.12-11.3.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5","product_id":"SUSE Linux Enterprise Software Development Kit 12 SP5:tcl-devel-8.6.12-11.3.1.aarch64"},"product_reference":"tcl-devel-8.6.12-11.3.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tcl-devel-8.6.12-11.3.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5","product_id":"SUSE Linux Enterprise Software Development Kit 12 SP5:tcl-devel-8.6.12-11.3.1.ppc64le"},"product_reference":"tcl-devel-8.6.12-11.3.1.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tcl-devel-8.6.12-11.3.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5","product_id":"SUSE Linux Enterprise Software Development Kit 12 SP5:tcl-devel-8.6.12-11.3.1.s390x"},"product_reference":"tcl-devel-8.6.12-11.3.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tcl-devel-8.6.12-11.3.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5","product_id":"SUSE Linux Enterprise Software Development Kit 12 SP5:tcl-devel-8.6.12-11.3.1.x86_64"},"product_reference":"tcl-devel-8.6.12-11.3.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tk-devel-8.6.12-11.3.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5","product_id":"SUSE Linux Enterprise Software Development Kit 12 SP5:tk-devel-8.6.12-11.3.1.aarch64"},"product_reference":"tk-devel-8.6.12-11.3.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tk-devel-8.6.12-11.3.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5","product_id":"SUSE Linux Enterprise Software Development Kit 12 SP5:tk-devel-8.6.12-11.3.1.ppc64le"},"product_reference":"tk-devel-8.6.12-11.3.1.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tk-devel-8.6.12-11.3.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5","product_id":"SUSE Linux Enterprise Software Development Kit 12 SP5:tk-devel-8.6.12-11.3.1.s390x"},"product_reference":"tk-devel-8.6.12-11.3.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tk-devel-8.6.12-11.3.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5","product_id":"SUSE Linux Enterprise Software Development Kit 12 SP5:tk-devel-8.6.12-11.3.1.x86_64"},"product_reference":"tk-devel-8.6.12-11.3.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Software Development Kit 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tcl-8.6.12-11.3.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:tcl-8.6.12-11.3.1.aarch64"},"product_reference":"tcl-8.6.12-11.3.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tcl-8.6.12-11.3.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:tcl-8.6.12-11.3.1.ppc64le"},"product_reference":"tcl-8.6.12-11.3.1.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tcl-8.6.12-11.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:tcl-8.6.12-11.3.1.s390x"},"product_reference":"tcl-8.6.12-11.3.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tcl-8.6.12-11.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:tcl-8.6.12-11.3.1.x86_64"},"product_reference":"tcl-8.6.12-11.3.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tcl-32bit-8.6.12-11.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:tcl-32bit-8.6.12-11.3.1.s390x"},"product_reference":"tcl-32bit-8.6.12-11.3.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tcl-32bit-8.6.12-11.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:tcl-32bit-8.6.12-11.3.1.x86_64"},"product_reference":"tcl-32bit-8.6.12-11.3.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tk-8.6.12-11.3.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:tk-8.6.12-11.3.1.aarch64"},"product_reference":"tk-8.6.12-11.3.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tk-8.6.12-11.3.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:tk-8.6.12-11.3.1.ppc64le"},"product_reference":"tk-8.6.12-11.3.1.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tk-8.6.12-11.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:tk-8.6.12-11.3.1.s390x"},"product_reference":"tk-8.6.12-11.3.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tk-8.6.12-11.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:tk-8.6.12-11.3.1.x86_64"},"product_reference":"tk-8.6.12-11.3.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tk-32bit-8.6.12-11.3.1.s390x as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:tk-32bit-8.6.12-11.3.1.s390x"},"product_reference":"tk-32bit-8.6.12-11.3.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tk-32bit-8.6.12-11.3.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5","product_id":"SUSE Linux Enterprise Server 12 SP5:tk-32bit-8.6.12-11.3.1.x86_64"},"product_reference":"tk-32bit-8.6.12-11.3.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tcl-8.6.12-11.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-8.6.12-11.3.1.aarch64"},"product_reference":"tcl-8.6.12-11.3.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tcl-8.6.12-11.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-8.6.12-11.3.1.ppc64le"},"product_reference":"tcl-8.6.12-11.3.1.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tcl-8.6.12-11.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-8.6.12-11.3.1.s390x"},"product_reference":"tcl-8.6.12-11.3.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tcl-8.6.12-11.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-8.6.12-11.3.1.x86_64"},"product_reference":"tcl-8.6.12-11.3.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tcl-32bit-8.6.12-11.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-32bit-8.6.12-11.3.1.s390x"},"product_reference":"tcl-32bit-8.6.12-11.3.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tcl-32bit-8.6.12-11.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-32bit-8.6.12-11.3.1.x86_64"},"product_reference":"tcl-32bit-8.6.12-11.3.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tk-8.6.12-11.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-8.6.12-11.3.1.aarch64"},"product_reference":"tk-8.6.12-11.3.1.aarch64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tk-8.6.12-11.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-8.6.12-11.3.1.ppc64le"},"product_reference":"tk-8.6.12-11.3.1.ppc64le","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tk-8.6.12-11.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-8.6.12-11.3.1.s390x"},"product_reference":"tk-8.6.12-11.3.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tk-8.6.12-11.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-8.6.12-11.3.1.x86_64"},"product_reference":"tk-8.6.12-11.3.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tk-32bit-8.6.12-11.3.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-32bit-8.6.12-11.3.1.s390x"},"product_reference":"tk-32bit-8.6.12-11.3.1.s390x","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"},{"category":"default_component_of","full_product_name":{"name":"tk-32bit-8.6.12-11.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5","product_id":"SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-32bit-8.6.12-11.3.1.x86_64"},"product_reference":"tk-32bit-8.6.12-11.3.1.x86_64","relates_to_product_reference":"SUSE Linux Enterprise Server for SAP Applications 12 SP5"}]},"vulnerabilities":[{"cve":"CVE-2021-35331","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2021-35331"}],"notes":[{"category":"general","text":"In Tcl 8.6.11, a format string vulnerability in nmakehlp.c might allow code execution via a crafted file. NOTE: multiple third parties dispute the significance of this finding","title":"CVE description"}],"product_status":{"recommended":["SUSE Linux Enterprise Server 12 SP5:tcl-32bit-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server 12 SP5:tcl-32bit-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server 12 SP5:tcl-8.6.12-11.3.1.aarch64","SUSE Linux Enterprise Server 12 SP5:tcl-8.6.12-11.3.1.ppc64le","SUSE Linux Enterprise Server 12 SP5:tcl-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server 12 SP5:tcl-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server 12 SP5:tk-32bit-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server 12 SP5:tk-32bit-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server 12 SP5:tk-8.6.12-11.3.1.aarch64","SUSE Linux Enterprise Server 12 SP5:tk-8.6.12-11.3.1.ppc64le","SUSE Linux Enterprise Server 12 SP5:tk-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server 12 SP5:tk-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-32bit-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-32bit-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-8.6.12-11.3.1.aarch64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-8.6.12-11.3.1.ppc64le","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-32bit-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-32bit-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-8.6.12-11.3.1.aarch64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-8.6.12-11.3.1.ppc64le","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Software Development Kit 12 SP5:tcl-devel-8.6.12-11.3.1.aarch64","SUSE Linux Enterprise Software Development Kit 12 SP5:tcl-devel-8.6.12-11.3.1.ppc64le","SUSE Linux Enterprise Software Development Kit 12 SP5:tcl-devel-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Software Development Kit 12 SP5:tcl-devel-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Software Development Kit 12 SP5:tk-devel-8.6.12-11.3.1.aarch64","SUSE Linux Enterprise Software Development Kit 12 SP5:tk-devel-8.6.12-11.3.1.ppc64le","SUSE Linux Enterprise Software Development Kit 12 SP5:tk-devel-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Software Development Kit 12 SP5:tk-devel-8.6.12-11.3.1.x86_64"]},"references":[{"category":"external","summary":"CVE-2021-35331","url":"https://www.suse.com/security/cve/CVE-2021-35331"},{"category":"external","summary":"SUSE Bug 1195257 for CVE-2021-35331","url":"https://bugzilla.suse.com/1195257"}],"remediations":[{"category":"vendor_fix","details":"To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n","product_ids":["SUSE Linux Enterprise Server 12 SP5:tcl-32bit-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server 12 SP5:tcl-32bit-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server 12 SP5:tcl-8.6.12-11.3.1.aarch64","SUSE Linux Enterprise Server 12 SP5:tcl-8.6.12-11.3.1.ppc64le","SUSE Linux Enterprise Server 12 SP5:tcl-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server 12 SP5:tcl-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server 12 SP5:tk-32bit-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server 12 SP5:tk-32bit-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server 12 SP5:tk-8.6.12-11.3.1.aarch64","SUSE Linux Enterprise Server 12 SP5:tk-8.6.12-11.3.1.ppc64le","SUSE Linux Enterprise Server 12 SP5:tk-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server 12 SP5:tk-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-32bit-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-32bit-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-8.6.12-11.3.1.aarch64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-8.6.12-11.3.1.ppc64le","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-32bit-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-32bit-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-8.6.12-11.3.1.aarch64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-8.6.12-11.3.1.ppc64le","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Software Development Kit 12 SP5:tcl-devel-8.6.12-11.3.1.aarch64","SUSE Linux Enterprise Software Development Kit 12 SP5:tcl-devel-8.6.12-11.3.1.ppc64le","SUSE Linux Enterprise Software Development Kit 12 SP5:tcl-devel-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Software Development Kit 12 SP5:tcl-devel-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Software Development Kit 12 SP5:tk-devel-8.6.12-11.3.1.aarch64","SUSE Linux Enterprise Software Development Kit 12 SP5:tk-devel-8.6.12-11.3.1.ppc64le","SUSE Linux Enterprise Software Development Kit 12 SP5:tk-devel-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Software Development Kit 12 SP5:tk-devel-8.6.12-11.3.1.x86_64"]}],"scores":[{"cvss_v3":{"baseScore":7.8,"baseSeverity":"HIGH","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"products":["SUSE Linux Enterprise Server 12 SP5:tcl-32bit-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server 12 SP5:tcl-32bit-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server 12 SP5:tcl-8.6.12-11.3.1.aarch64","SUSE Linux Enterprise Server 12 SP5:tcl-8.6.12-11.3.1.ppc64le","SUSE Linux Enterprise Server 12 SP5:tcl-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server 12 SP5:tcl-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server 12 SP5:tk-32bit-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server 12 SP5:tk-32bit-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server 12 SP5:tk-8.6.12-11.3.1.aarch64","SUSE Linux Enterprise Server 12 SP5:tk-8.6.12-11.3.1.ppc64le","SUSE Linux Enterprise Server 12 SP5:tk-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server 12 SP5:tk-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-32bit-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-32bit-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-8.6.12-11.3.1.aarch64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-8.6.12-11.3.1.ppc64le","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tcl-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-32bit-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-32bit-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-8.6.12-11.3.1.aarch64","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-8.6.12-11.3.1.ppc64le","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Server for SAP Applications 12 SP5:tk-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Software Development Kit 12 SP5:tcl-devel-8.6.12-11.3.1.aarch64","SUSE Linux Enterprise Software Development Kit 12 SP5:tcl-devel-8.6.12-11.3.1.ppc64le","SUSE Linux Enterprise Software Development Kit 12 SP5:tcl-devel-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Software Development Kit 12 SP5:tcl-devel-8.6.12-11.3.1.x86_64","SUSE Linux Enterprise Software Development Kit 12 SP5:tk-devel-8.6.12-11.3.1.aarch64","SUSE Linux Enterprise Software Development Kit 12 SP5:tk-devel-8.6.12-11.3.1.ppc64le","SUSE Linux Enterprise Software Development Kit 12 SP5:tk-devel-8.6.12-11.3.1.s390x","SUSE Linux Enterprise Software Development Kit 12 SP5:tk-devel-8.6.12-11.3.1.x86_64"]}],"threats":[{"category":"impact","date":"2022-02-18T03:29:03Z","details":"important"}],"title":"CVE-2021-35331"}]}