Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.SUSE_SU-2024-0573-1.NASL
HistoryFeb 22, 2024 - 12:00 a.m.

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : abseil-cpp, grpc, opencensus-proto, protobuf, python-abseil, python-grpcio, re2 (SUSE-SU-2024:0573-1)

2024-02-2200:00:00
This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11
suse sled15
sles15
opensuse 15
grpc
hpack table
http/2
denial of service
tcp server

8.3 High

AI Score

Confidence

High

JSON

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0573-1 advisory.

  • When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame.
    This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients - leading to an information leak that can be used for privilege escalation or data exfiltration. We recommend upgrading beyond the commit contained in https://github.com/grpc/grpc/pull/33005 https://github.com/grpc/grpc/pull/33005 (CVE-2023-32731)

  • gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for -bin suffixed headers will result in a disconnection by the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in https://github.com/grpc/grpc/pull/32309 https://www.google.com/url (CVE-2023-32732)

  • gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0’s can be added at the start of an integer. gRPC’s hpack parser needed to read all of them before concluding a parse. - gRPC’s metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc (CVE-2023-33953)

  • The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. (CVE-2023-44487)

  • Lack of error handling in the TCP server in Google’s gRPC starting version 1.23 on posix-compatible platforms (ex. Linux) allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++ Python, and Ruby are affected, but gRPC Java, and Go are NOT affected. (CVE-2023-4785)

Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# SUSE update advisory SUSE-SU-2024:0573-1. The text itself
# is copyright (C) SUSE.
##

include('compat.inc');

if (description)
{
  script_id(190881);
  script_version("1.3");
  script_set_attribute(attribute:"plugin_modification_date", value:"2024/02/23");

  script_cve_id(
    "CVE-2023-4785",
    "CVE-2023-32731",
    "CVE-2023-32732",
    "CVE-2023-33953",
    "CVE-2023-44487"
  );
  script_xref(name:"CISA-KNOWN-EXPLOITED", value:"2023/10/31");
  script_xref(name:"SuSE", value:"SUSE-SU-2024:0573-1");
  script_xref(name:"CEA-ID", value:"CEA-2024-0004");

  script_name(english:"SUSE SLED15 / SLES15 / openSUSE 15 Security Update : abseil-cpp, grpc, opencensus-proto, protobuf, python-abseil, python-grpcio, re2 (SUSE-SU-2024:0573-1)");

  script_set_attribute(attribute:"synopsis", value:
"The remote SUSE host is missing one or more security updates.");
  script_set_attribute(attribute:"description", value:
"The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are
affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0573-1 advisory.

  - When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame.
    This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables
    between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests
    from the proxy being interpreted as containing headers from different proxy clients - leading to an
    information leak that can be used for privilege escalation or data exfiltration. We recommend upgrading
    beyond the commit contained in https://github.com/grpc/grpc/pull/33005
    https://github.com/grpc/grpc/pull/33005 (CVE-2023-32731)

  - gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy
    and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by
    the gRPC server, but is typically allowed by HTTP2 proxies. We recommend upgrading beyond the commit in
    https://github.com/grpc/grpc/pull/32309 https://www.google.com/url (CVE-2023-32732)

  - gRPC contains a vulnerability that allows hpack table accounting errors could lead to unwanted disconnects
    between clients and servers in exceptional cases/ Three vectors were found that allow the following DOS
    attacks: - Unbounded memory buffering in the HPACK parser - Unbounded CPU consumption in the HPACK parser
    The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because
    that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected
    by the client. The unbounded memory buffering bugs: - The header size limit check was behind the string
    reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8
    or 16kb. - HPACK varints have an encoding quirk whereby an infinite number of 0's can be added at the
    start of an integer. gRPC's hpack parser needed to read all of them before concluding a parse. - gRPC's
    metadata overflow check was performed per frame, so that the following sequence of frames could cause
    infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3
    etc (CVE-2023-33953)

  - The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation
    can reset many streams quickly, as exploited in the wild in August through October 2023. (CVE-2023-44487)

  - Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible
    platforms (ex. Linux) allows an attacker to cause a denial of service by initiating a significant number
    of connections with the server. Note that gRPC C++ Python, and Ruby are affected, but gRPC Java, and Go
    are NOT affected. (CVE-2023-4785)

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1133277");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1182659");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1203378");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1208794");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1212180");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1212182");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1214148");
  script_set_attribute(attribute:"see_also", value:"https://bugzilla.suse.com/1215334");
  # https://lists.suse.com/pipermail/sle-security-updates/2024-February/017985.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?e9d34831");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-32731");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-32732");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-33953");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-44487");
  script_set_attribute(attribute:"see_also", value:"https://www.suse.com/security/cve/CVE-2023-4785");
  script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:F/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:F/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-32731");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");

  script_set_attribute(attribute:"vuln_publication_date", value:"2023/06/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/02/21");
  script_set_attribute(attribute:"plugin_publication_date", value:"2024/02/22");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:abseil-cpp-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libabsl2308_0_0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgrpc++1_60");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgrpc1_60");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgrpc37");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libprotobuf-lite25_1_0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libprotobuf25_1_0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libprotoc25_1_0");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libre2-11");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libupb37");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:protobuf-devel");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python311-abseil");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python311-grpcio");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:python311-protobuf");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"SuSE Local Security Checks");

  script_copyright(english:"This script is Copyright (C) 2024 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include('rpm.inc');

if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item("Host/SuSE/release");
if (isnull(os_release) || os_release !~ "^(SLED|SLES|SUSE)") audit(AUDIT_OS_NOT, "SUSE / openSUSE");
var os_ver = pregmatch(pattern: "^(SLE(S|D)(?:_SAP)?\d+|SUSE([\d.]+))", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');
os_ver = os_ver[1];
if (! preg(pattern:"^(SLED15|SLED_SAP15|SLES15|SLES_SAP15|SUSE15\.5)$", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');

if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);

var service_pack = get_kb_item("Host/SuSE/patchlevel");
if (isnull(service_pack)) service_pack = "0";
if (os_ver == "SLED15" && (! preg(pattern:"^(4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED15 SP4/5", os_ver + " SP" + service_pack);
if (os_ver == "SLED_SAP15" && (! preg(pattern:"^(4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLED_SAP15 SP4/5", os_ver + " SP" + service_pack);
if (os_ver == "SLES15" && (! preg(pattern:"^(4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES15 SP4/5", os_ver + " SP" + service_pack);
if (os_ver == "SLES_SAP15" && (! preg(pattern:"^(4|5)$", string:service_pack))) audit(AUDIT_OS_NOT, "SLES_SAP15 SP4/5", os_ver + " SP" + service_pack);

var pkgs = [
    {'reference':'abseil-cpp-devel-20230802.1-150400.10.4.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'libabsl2308_0_0-20230802.1-150400.10.4.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'libabsl2308_0_0-20230802.1-150400.10.4.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'libabsl2308_0_0-20230802.1-150400.10.4.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'libgrpc++1_60-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'libgrpc1_60-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'libgrpc37-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'libprotobuf-lite25_1_0-25.1-150400.9.3.1', 'sp':'4', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'libprotobuf-lite25_1_0-25.1-150400.9.3.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'libprotobuf-lite25_1_0-25.1-150400.9.3.1', 'sp':'4', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'libprotobuf25_1_0-25.1-150400.9.3.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'libprotoc25_1_0-25.1-150400.9.3.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'libre2-11-20240201-150400.9.3.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'libupb37-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'protobuf-devel-25.1-150400.9.3.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4']},
    {'reference':'abseil-cpp-devel-20230802.1-150400.10.4.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'abseil-cpp-devel-20230802.1-150400.10.4.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libabsl2308_0_0-20230802.1-150400.10.4.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libabsl2308_0_0-20230802.1-150400.10.4.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libgrpc++1_60-1.60.0-150400.8.3.2', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libgrpc++1_60-1.60.0-150400.8.3.2', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libgrpc1_60-1.60.0-150400.8.3.2', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libgrpc1_60-1.60.0-150400.8.3.2', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libgrpc37-1.60.0-150400.8.3.2', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libgrpc37-1.60.0-150400.8.3.2', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libprotobuf-lite25_1_0-25.1-150400.9.3.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libprotobuf-lite25_1_0-25.1-150400.9.3.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libprotobuf25_1_0-25.1-150400.9.3.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libprotobuf25_1_0-25.1-150400.9.3.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libprotoc25_1_0-25.1-150400.9.3.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libprotoc25_1_0-25.1-150400.9.3.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libre2-11-20240201-150400.9.3.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libre2-11-20240201-150400.9.3.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libupb37-1.60.0-150400.8.3.2', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'libupb37-1.60.0-150400.8.3.2', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'protobuf-devel-25.1-150400.9.3.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'protobuf-devel-25.1-150400.9.3.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'python311-abseil-1.4.0-150400.9.3.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'python311-abseil-1.4.0-150400.9.3.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'python311-grpcio-1.60.0-150400.9.3.2', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'python311-grpcio-1.60.0-150400.9.3.2', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'python311-protobuf-4.25.1-150400.9.3.1', 'sp':'5', 'release':'SLED_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'python311-protobuf-4.25.1-150400.9.3.1', 'sp':'5', 'release':'SLES_SAP15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.5']},
    {'reference':'abseil-cpp-devel-20230802.1-150400.10.4.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
    {'reference':'abseil-cpp-devel-20230802.1-150400.10.4.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
    {'reference':'libabsl2308_0_0-20230802.1-150400.10.4.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
    {'reference':'libabsl2308_0_0-20230802.1-150400.10.4.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4', 'SUSE-Manager-Proxy-release-4.3']},
    {'reference':'libgrpc++1_60-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
    {'reference':'libgrpc++1_60-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4', 'SUSE-Manager-Proxy-release-4.3']},
    {'reference':'libgrpc1_60-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
    {'reference':'libgrpc1_60-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4', 'SUSE-Manager-Proxy-release-4.3']},
    {'reference':'libgrpc37-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
    {'reference':'libgrpc37-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4', 'SUSE-Manager-Proxy-release-4.3']},
    {'reference':'libprotobuf-lite25_1_0-25.1-150400.9.3.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
    {'reference':'libprotobuf-lite25_1_0-25.1-150400.9.3.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4', 'SUSE-Manager-Proxy-release-4.3']},
    {'reference':'libprotobuf25_1_0-25.1-150400.9.3.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
    {'reference':'libprotobuf25_1_0-25.1-150400.9.3.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4', 'SUSE-Manager-Proxy-release-4.3']},
    {'reference':'libprotoc25_1_0-25.1-150400.9.3.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
    {'reference':'libprotoc25_1_0-25.1-150400.9.3.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4', 'SUSE-Manager-Proxy-release-4.3']},
    {'reference':'libre2-11-20240201-150400.9.3.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
    {'reference':'libre2-11-20240201-150400.9.3.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4', 'SUSE-Manager-Proxy-release-4.3']},
    {'reference':'libupb37-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
    {'reference':'libupb37-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4', 'SUSE-Manager-Proxy-release-4.3']},
    {'reference':'protobuf-devel-25.1-150400.9.3.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
    {'reference':'protobuf-devel-25.1-150400.9.3.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-4']},
    {'reference':'abseil-cpp-devel-20230802.1-150400.10.4.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'abseil-cpp-devel-20230802.1-150400.10.4.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libabsl2308_0_0-20230802.1-150400.10.4.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libabsl2308_0_0-20230802.1-150400.10.4.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libgrpc++1_60-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libgrpc++1_60-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libgrpc1_60-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libgrpc1_60-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libgrpc37-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libgrpc37-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libprotobuf-lite25_1_0-25.1-150400.9.3.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libprotobuf-lite25_1_0-25.1-150400.9.3.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libprotobuf25_1_0-25.1-150400.9.3.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libprotobuf25_1_0-25.1-150400.9.3.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libprotoc25_1_0-25.1-150400.9.3.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libprotoc25_1_0-25.1-150400.9.3.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libre2-11-20240201-150400.9.3.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libre2-11-20240201-150400.9.3.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libupb37-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libupb37-1.60.0-150400.8.3.2', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'protobuf-devel-25.1-150400.9.3.1', 'sp':'4', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'protobuf-devel-25.1-150400.9.3.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.4']},
    {'reference':'libabsl2308_0_0-20230802.1-150400.10.4.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
    {'reference':'libabsl2308_0_0-20230802.1-150400.10.4.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
    {'reference':'libprotobuf-lite25_1_0-25.1-150400.9.3.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
    {'reference':'libprotobuf-lite25_1_0-25.1-150400.9.3.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.4', 'SUSE-Manager-Proxy-release-4.3', 'SUSE-Manager-Server-release-4.3', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4', 'suse-manager-server-release-4.3']},
    {'reference':'abseil-cpp-devel-20230802.1-150400.10.4.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-development-tools-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'abseil-cpp-devel-20230802.1-150400.10.4.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-development-tools-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libabsl2308_0_0-20230802.1-150400.10.4.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libabsl2308_0_0-20230802.1-150400.10.4.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libgrpc++1_60-1.60.0-150400.8.3.2', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libgrpc++1_60-1.60.0-150400.8.3.2', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libgrpc1_60-1.60.0-150400.8.3.2', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libgrpc1_60-1.60.0-150400.8.3.2', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sle-module-public-cloud-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libgrpc37-1.60.0-150400.8.3.2', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libgrpc37-1.60.0-150400.8.3.2', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sle-module-public-cloud-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libprotobuf-lite25_1_0-25.1-150400.9.3.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libprotobuf-lite25_1_0-25.1-150400.9.3.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libprotobuf25_1_0-25.1-150400.9.3.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libprotobuf25_1_0-25.1-150400.9.3.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libprotoc25_1_0-25.1-150400.9.3.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sle-module-development-tools-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libprotoc25_1_0-25.1-150400.9.3.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sle-module-development-tools-release-15.5', 'sle-module-public-cloud-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libre2-11-20240201-150400.9.3.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libre2-11-20240201-150400.9.3.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sle-module-public-cloud-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libupb37-1.60.0-150400.8.3.2', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'libupb37-1.60.0-150400.8.3.2', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-basesystem-release-15.5', 'sle-module-public-cloud-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'protobuf-devel-25.1-150400.9.3.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-development-tools-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'protobuf-devel-25.1-150400.9.3.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-development-tools-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'python311-abseil-1.4.0-150400.9.3.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-python3-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'python311-abseil-1.4.0-150400.9.3.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-python3-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'python311-grpcio-1.60.0-150400.9.3.2', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-python3-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'python311-grpcio-1.60.0-150400.9.3.2', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-python3-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'python311-protobuf-4.25.1-150400.9.3.1', 'sp':'5', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-python3-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'python311-protobuf-4.25.1-150400.9.3.1', 'sp':'5', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-release-15.5', 'sle-module-python3-release-15.5', 'sled-release-15.5', 'sles-release-15.5']},
    {'reference':'abseil-cpp-devel-20230802.1-150400.10.4.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'grpc-devel-1.60.0-150400.8.3.2', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'grpc-source-1.60.0-150400.8.3.2', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'libabsl2308_0_0-20230802.1-150400.10.4.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'libabsl2308_0_0-32bit-20230802.1-150400.10.4.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'libgrpc++1_60-1.60.0-150400.8.3.2', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'libgrpc1_60-1.60.0-150400.8.3.2', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'libgrpc37-1.60.0-150400.8.3.2', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'libprotobuf-lite25_1_0-25.1-150400.9.3.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'libprotobuf-lite25_1_0-32bit-25.1-150400.9.3.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'libprotobuf25_1_0-25.1-150400.9.3.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'libprotobuf25_1_0-32bit-25.1-150400.9.3.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'libprotoc25_1_0-25.1-150400.9.3.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'libprotoc25_1_0-32bit-25.1-150400.9.3.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'libre2-11-20240201-150400.9.3.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'libre2-11-32bit-20240201-150400.9.3.1', 'cpu':'x86_64', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'libupb37-1.60.0-150400.8.3.2', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'opencensus-proto-source-0.3.0+git.20200721-150400.9.3.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'protobuf-devel-25.1-150400.9.3.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'protobuf-java-25.1-150400.9.3.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'python311-abseil-1.4.0-150400.9.3.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'python311-grpcio-1.60.0-150400.9.3.2', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'python311-protobuf-4.25.1-150400.9.3.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'re2-devel-20240201-150400.9.3.1', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'upb-devel-1.60.0-150400.8.3.2', 'release':'SUSE15.5', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.5']},
    {'reference':'abseil-cpp-devel-20230802.1-150400.10.4.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.4']},
    {'reference':'libabsl2308_0_0-20230802.1-150400.10.4.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.4']},
    {'reference':'libgrpc++1_60-1.60.0-150400.8.3.2', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.4']},
    {'reference':'libgrpc1_60-1.60.0-150400.8.3.2', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.4']},
    {'reference':'libgrpc37-1.60.0-150400.8.3.2', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.4']},
    {'reference':'libprotobuf-lite25_1_0-25.1-150400.9.3.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.4']},
    {'reference':'libprotobuf25_1_0-25.1-150400.9.3.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.4']},
    {'reference':'libprotoc25_1_0-25.1-150400.9.3.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.4']},
    {'reference':'libre2-11-20240201-150400.9.3.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.4']},
    {'reference':'libupb37-1.60.0-150400.8.3.2', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.4']},
    {'reference':'protobuf-devel-25.1-150400.9.3.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.4']}
];

var ltss_caveat_required = FALSE;
var flag = 0;
foreach var package_array ( pkgs ) {
  var reference = NULL;
  var _release = NULL;
  var sp = NULL;
  var _cpu = NULL;
  var exists_check = NULL;
  var rpm_spec_vers_cmp = NULL;
  if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
  if (!empty_or_null(package_array['release'])) _release = package_array['release'];
  if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
  if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
  if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
  if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
  if (reference && _release) {
    if (exists_check) {
      var check_flag = 0;
      foreach var check (exists_check) {
        if (!rpm_exists(release:_release, rpm:check)) continue;
        if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;
        check_flag++;
      }
      if (!check_flag) continue;
    }
    if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;
  }
}

if (flag)
{
  var ltss_plugin_caveat = NULL;
  if(ltss_caveat_required) ltss_plugin_caveat = '\n' +
    'NOTE: This vulnerability check contains fixes that apply to\n' +
    'packages only available in SUSE Enterprise Linux Server LTSS\n' +
    'repositories. Access to these package security updates require\n' +
    'a paid SUSE LTSS subscription.\n';
  security_report_v4(
      port       : 0,
      severity   : SECURITY_HOLE,
      extra      : rpm_report_get() + ltss_plugin_caveat
  );
  exit(0);
}
else
{
  var tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'abseil-cpp-devel / grpc-devel / grpc-source / libabsl2308_0_0 / etc');
}
VendorProductVersionCPE
novellsuse_linuxabseil-cpp-develp-cpe:/a:novell:suse_linux:abseil-cpp-devel
novellsuse_linuxlibabsl2308_0_0p-cpe:/a:novell:suse_linux:libabsl2308_0_0
novellsuse_linuxlibgrpc%2b%2b1_60p-cpe:/a:novell:suse_linux:libgrpc%2b%2b1_60
novellsuse_linuxlibgrpc1_60p-cpe:/a:novell:suse_linux:libgrpc1_60
novellsuse_linuxlibgrpc37p-cpe:/a:novell:suse_linux:libgrpc37
novellsuse_linuxlibprotobuf-lite25_1_0p-cpe:/a:novell:suse_linux:libprotobuf-lite25_1_0
novellsuse_linuxlibprotobuf25_1_0p-cpe:/a:novell:suse_linux:libprotobuf25_1_0
novellsuse_linuxlibprotoc25_1_0p-cpe:/a:novell:suse_linux:libprotoc25_1_0
novellsuse_linuxlibre2-11p-cpe:/a:novell:suse_linux:libre2-11
novellsuse_linuxlibupb37p-cpe:/a:novell:suse_linux:libupb37
Rows per page:
1-10 of 151

Related

openvas 30
nessus 43
ibm 15
prion 4
cvelist 4
debiancve 5
fedora 13
cbl_mariner 10
osv 18
ubuntucve 4
cgr 3
wolfi 3
veracode 4
cve 4
redhatcve 4
github 4
alpinelinux 4
photon 1
talosblog 1
hivepro 1
cnvd 1
redhat 9
atlassian 2
oraclelinux 4
cisa_kev 1
almalinux 4
rocky 2
cisco 1
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2024:0573-1)
2024-02-22 00:00:00
openSUSE: Security Advisory for abseil (SUSE-SU-2024:0573-1)
2024-03-04 00:00:00
Huawei EulerOS: Security Advisory for grpc (EulerOS-SA-2023-3300)
2023-12-12 00:00:00
nessus
nessus
Amazon Linux 2023 : grpc, grpc-cpp, grpc-data (ALAS2023-2023-282)
2023-08-14 00:00:00
EulerOS 2.0 SP9 : grpc (EulerOS-SA-2023-3332)
2024-01-16 00:00:00
EulerOS 2.0 SP9 : grpc (EulerOS-SA-2023-3300)
2024-01-16 00:00:00
ibm
ibm
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in gRPC
2023-07-27 22:11:35
Security Bulletin: Multiple vulnerabilities present in IBM Answer Retrieval for Watson Discovery versions 2.11 and earlier
2023-06-20 15:24:05
Security Bulletin: IBM Watson Discovery Cartridge for IBM Cloud Pak for Data affected by vulnerability in gRPC
2023-09-27 21:12:22
prion
prion
Design/Logic Flaw
2023-08-09 13:15:00
Design/Logic Flaw
2023-06-09 11:15:00
Design/Logic Flaw
2023-06-09 11:15:00
cvelist
cvelist
CVE-2023-33953 Denial-of-Service in gRPC
2023-08-09 12:54:47
CVE-2023-32732 Denial-of-Service in gRPC
2023-06-09 10:48:15
CVE-2023-32731 Information leak in gRPC
2023-06-09 10:54:08
debiancve
debiancve
CVE-2023-33953
2023-08-09 13:15:09
CVE-2023-32732
2023-06-09 11:15:09
CVE-2023-32731
2023-06-09 11:15:09
fedora
fedora
[SECURITY] Fedora 38 Update: grpc-1.48.4-8.fc38
2023-07-23 01:29:39
[SECURITY] Fedora 37 Update: grpc-1.48.4-8.fc37
2023-07-23 01:24:39
[SECURITY] Fedora 39 Update: mcrouter-0.41.0.20231016-1.fc39
2023-11-03 19:01:54
cbl_mariner
cbl_mariner
CVE-2023-33953 affecting package grpc for versions less than 1.62.0-2
2024-04-17 22:02:46
CVE-2023-4785 affecting package grpc for versions less than 1.62.0-2
2024-04-17 22:02:46
CVE-2023-44487 affecting package grpc for versions less than 1.42.0-7
2024-03-21 08:27:20
osv
osv
CVE-2023-33953
2023-08-09 13:15:09
gRPC connection termination issue
2023-07-06 21:15:08
CVE-2023-32732
2023-06-09 11:15:09
ubuntucve
ubuntucve
CVE-2023-32732
2023-06-09 00:00:00
CVE-2023-33953
2023-08-09 00:00:00
CVE-2023-32731
2023-06-09 00:00:00
cgr
cgr
CVE-2023-32732 vulnerabilities
2024-05-18 15:53:42
CVE-2023-32731 vulnerabilities
2024-05-18 15:53:42
CVE-2023-4785 vulnerabilities
2024-05-18 15:53:42
wolfi
wolfi
CVE-2023-32732 vulnerabilities
2024-05-18 15:56:03
CVE-2023-32731 vulnerabilities
2024-05-18 15:56:03
CVE-2023-4785 vulnerabilities
2024-05-18 15:56:03
veracode
veracode
Connection Termination
2023-07-13 10:09:03
Denial Of Service (DoS)
2023-08-14 03:44:29
Connection Confusion
2023-07-07 03:56:21
cve
cve
CVE-2023-33953
2023-08-09 13:15:09
CVE-2023-32732
2023-06-09 11:15:09
CVE-2023-32731
2023-06-09 11:15:09
redhatcve
redhatcve
CVE-2023-33953
2023-08-11 04:48:47
CVE-2023-32732
2023-06-13 06:35:42
CVE-2023-32731
2023-06-13 06:05:34
github
github
gRPC connection termination issue
2023-07-06 21:15:08
Connection confusion in gRPC
2023-07-05 19:12:51
Denial of Service Vulnerability in gRPC TCP Server (Posix-compatible platforms)
2023-09-13 18:31:26
alpinelinux
alpinelinux
CVE-2023-33953
2023-08-09 13:15:09
CVE-2023-32731
2023-06-09 11:15:00
CVE-2023-4785
2023-09-13 17:15:10
photon
photon
Moderate Photon OS Security Update - PHSA-2023-5.0-0068
2023-08-08 00:00:00
talosblog
talosblog
Year in Malware 2023: Recapping the major cybersecurity stories of the past year
2023-12-19 13:00:18
hivepro
hivepro
Attacks, Vulnerabilities and Actors 9 October to 15 October 2023
2023-10-17 09:10:10
cnvd
cnvd
F5 BIG-IP Denial of Service Vulnerability (CNVD-2023-75597)
2023-10-11 00:00:00
redhat
redhat
(RHSA-2023:5989) Important: varnish security update
2023-10-23 08:39:49
(RHSA-2023:6023) Important: varnish:6 security update
2023-10-23 11:39:17
(RHSA-2023:6020) Important: varnish:6 security update
2023-10-23 11:37:18
atlassian
atlassian
DoS (Denial of Service) org.apache.tomcat:tomcat-coyote in Bamboo Data Center and Server
2023-11-10 01:44:55
DoS (Denial of Service) org.apache.tomcat:tomcat-coyote Vulnerability in Crowd Data Center and Server
2023-11-22 06:44:58
oraclelinux
oraclelinux
nghttp2 security update
2023-10-19 00:00:00
nodejs:16 security update
2023-10-20 00:00:00
nghttp2 security update
2023-11-16 00:00:00
cisa_kev
cisa_kev
HTTP/2 Rapid Reset Attack Vulnerability
2023-10-10 00:00:00
almalinux
almalinux
Important: dotnet7.0 security update
2023-10-16 00:00:00
Important: nodejs security update
2023-10-17 00:00:00
Moderate: nginx:1.22 security update
2023-10-25 00:00:00
rocky
rocky
.NET 7.0 security update
2023-10-24 18:36:50
nghttp2 security update
2023-11-11 23:00:24
cisco
cisco
HTTP/2 Rapid Reset Attack Affecting Cisco Products: October 2023
2023-10-16 16:00:00

8.3 High

AI Score

Confidence

High

JSON
Related for SUSE_SU-2024-0573-1.NASL
openvas30nessus43ibm15prion4cvelist4debiancve5fedora13cbl_mariner10osv18ubuntucve4cgr3wolfi3veracode4cve4redhatcve4github4alpinelinux4photon1talosblog1hivepro1cnvd1redhat9atlassian2oraclelinux4cisa_kev1almalinux4rocky2cisco1