Alerts This Week
Warning Icon 1 692
Alerts This Week
Warning Icon 1 692

Fedora 38: 2024-3fd1bc9276 Critical Prometheus Exporter SSH Issue

fedora
Calendar Grey January 29, 2024
Dist Fedora Esm H88
The Fedora 38 release addresses a vulnerability in the prometheus-podman-exporter associated with CVE-2023-48795 to enhance overall security.
Security fix for CVE-2023-48795

Summary

Prometheus exporter for podman environments exposing containers, pods, images,

volumes and networks information.

Update Information:

Security fix for CVE-2023-48795

Topics%20covered

Topics Covered

security advisory fedora critical security fix ssh issue prometheus exporter binary packet protocol

Change Log

* Sun Jan 21 2024 Navid Yaghoobi - 1.7.0-1 - release v1.7.0

References


[ 1 ] Bug #2255105 - CVE-2023-48795 prometheus-podman-exporter: ssh: Prefix truncation attack on Binary Packet Protocol (BPP) [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2255105

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-3fd1bc9276' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: prometheus-podman-exporter
Product: Fedora 38
Version: 1.7.0
Release: 1.fc38
URL: https://github.com/containers/prometheus-podman-exporter
Summary: Prometheus exporter for podman environment

Topics%20covered

Topics Covered

security advisory fedora critical security fix ssh issue prometheus exporter binary packet protocol

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here