Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Fedora 38 podman-tui 0.15.0 critical: ssh truncation attack fix

fedora
Calendar Grey December 29, 2023
Dist Fedora Esm H88
Fedora podman-tui release 0.15.0 is now available, patching a critical SSH data loss issue. Update using dnf without delay!
release v0.15.0 includes security fix for [CVE-2023-48795]

Summary

podman-tui is a terminal user interface for Podman v4.

podman-tui is using podman.socket service to communicate with podman environment

and SSH to connect to remote podman machines.

Update Information:

release v0.15.0 includes security fix for [CVE-2023-48795]

Change Log

* Wed Dec 20 2023 Navid Yaghoobi - 0.15.0-1 - release v0.15.0

References


[ 1 ] Bug #2255104 - CVE-2023-48795 podman-tui: ssh: Prefix truncation attack on Binary Packet Protocol (BPP) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2255104

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-cb8c606fbb' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: podman-tui
Product: Fedora 38
Version: 0.15.0
Release: 1.fc38
Summary: Podman Terminal User Interface

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here