18750
Security update for velociraptor
moderate
openSUSE Backports SLE-15-SP6 Update

This update for velociraptor fixes the following issues:

- Use llvm17 for Leap
- Update to version 0.7.0.4.git142.862ef23:
  * github: fix deprecated upload artifact again
  * Update npm packages
    Includes fixes for the following vulnerabilities:
      CVE-2023-45133
      CVE-2023-46234
      CVE-2024-55565
      CVE-2024-45296
      CVE-2023-44270
      CVE-2024-47068
      CVE-2024-23331
      CVE-2024-31207
      CVE-2024-45812
      CVE-2024-45811
  * Update go dependencies
    Includes fixes for the following vulnerabilities:
      CVE-2024-45338
      CVE-2024-37298
      CVE-2024-24786
      CVE-2023-45683 (boo#1216310)
      CVE-2023-1732
  * Update jwt to 4.5.1
    Fixes CVE-2024-51744 (boo#1232944)
  * Update go-retryablehttp to 0.7.7
    Fixes CVE-2024-6104 (boo#1227061)
  * Update go-oidc and go-jose
    Fixes CVE-2024-28180 (boo#1235168)
  * Update dompurify to 3.1.3
    Fixes CVE-2024-47875 (boo#1231574)
  * Update package-lock.json
  * Update micromatch to 4.0.8
    Partial fix for CVE-2024-4067 (boo#1224367)
    Partial fix for CVE-2024-4068 (boo#1224296)
  * Update axios to 1.7.9
    Fixes CVE-2024-39338 (boo#1229424)
  * Update cross-spawn to 7.0.6
    Fixes CVE-2024-21538 (boo#1233845)
  * Update elliptic to 6.6.1
    Update contains fixes for:
      CVE-2024-48949 (boo#1231558)
      CVE-2024-48948 (boo#1231685)
      CVE-2024-42459 (boo#1232543)
      CVE-2024-42460 (boo#1232543)
      CVE-2024-42461 (boo#1232543)
  * Update follow-redirects to 1.15.6
    Fixes CVE-2024-28849 (boo#1221456)
  * fix: gui/velociraptor/package.json to reduce vulnerabilities
    Fixes CVE-2022-25883 (boo#1212572)
  * and many more changes
- Update node modules with security fixes.
  * Fixes CVE-2024-39338 (boo#1229424)
  * Remove CVE-2024-28849-follow-redirects-drop-proxy-authorization.patch
    as the update is included.
- Obsolete old velociraptor-kafka-humio-gateway package
- Update to version 0.6.7.5~git81.01be570:
  * libbpfgo: pull fix for double-free
  * logscale: add documentation for plugin
  * bpf: fix path to vmlinux.h
  * file_store/test_utils/server_config.go: update test certificate
  * Update bluemonday dependency.
  * vql/functions/hash: cache results on Linux
  * libbpfgo: update to velociraptor-branch-v0.4.8-libbpf-1.2.0
  * logscale/backport: don't use networking.GetHttpTransport
  * vql/tools/logscale: add plugin to post events to LogScale ingestion endpoint
  * file_store/directory: add ability to report pending size
  * libbpfgo: update submodule to require libzstd for newer libelf
  * utils/time.js: fix handling of nanosecond-resolution timestamps
  * libbpfgo: switch to using regular static builds
  * Create a new 0.6.7-5 release (#2385)
    - Verify FILESYSTEM_WRITE permission on copy() function (#2384)
      (boo#1207936, CVE-2023-0242)
    - Also ensure client id is considered unsafe
      (boo#1207937, CVE-2023-0290)
  * github/workflows/linux: do apt-get update to refresh package lists
- Tightening the security of the services a bit:
  - tmp files are now moved to /var/lib/velociraptor{,-client}/tmp from /tmp
  - run velociraptor server as user velociraptor instead of root
    we do not really need root permissions here
  - introduce /var/lib/velociraptor/filestore to make it easier to
    split out large file upload
  - change permissions for the data directory and subdirectories to
      /var/lib/velociraptor/         u=rwX,go=  velociraptor:velociraptor
      /var/lib/velociraptor-client/  u=rwX,go=  root:root
  - change permissions of config directory to:
      /etc/velociraptor/               u=rwX,g=rX,o=  root:velociraptor
      /etc/velociraptor/server.config  u=rw,g=r,o=    root:velociraptor
      /etc/velociraptor/client.config  u=rw,go=       root:root

velociraptor-0.7.0.4.git142.862ef23-bp156.3.3.1.src.rpm
velociraptor-0.7.0.4.git142.862ef23-bp156.3.3.1.x86_64.rpm
system-user-velociraptor-1.0.0-bp156.3.3.1.noarch.rpm
velociraptor-client-0.7.0.4.git142.862ef23-bp156.3.3.1.src.rpm
velociraptor-client-0.7.0.4.git142.862ef23-bp156.3.3.1.x86_64.rpm
velociraptor-client-0.7.0.4.git142.862ef23-bp156.3.3.1.aarch64.rpm
velociraptor-client-0.7.0.4.git142.862ef23-bp156.3.3.1.ppc64le.rpm
velociraptor-client-0.7.0.4.git142.862ef23-bp156.3.3.1.s390x.rpm