Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 620
Alerts This Week
Warning Icon 1 620

openSUSE: 2023:0070-1 Critical: SystemD Security Updates Released

opensuse
Calendar Grey March 14, 2023
Dist Opensuse Esm H88
The latest update for Fedora tackles significant vulnerabilities in OpenSSH, bolstering defenses against unauthorized access threats.
An update that fixes two vulnerabilities is now available

Description

This update for amanda fixes the following issues:

- CVE-2022-37704: fix privilege escalation via rundump (boo#1208033,

gh#zmanda/amanda#195)

- CVE-2022-37705: fix privilege escalation via runtar suid binary

(boo#1208032, gh#zmanda/amanda#194)

Patch

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods

like YaST online_update or "zypper patch".

Alternatively you can run the command listed for your product:

- openSUSE Backports SLE-15-SP4:

zypper in -t patch openSUSE-2023-69=1

Package List

- openSUSE Backports SLE-15-SP4 (aarch64 ppc64le s390x x86_64):

amanda-3.5.1-bp154.3.3.1

References

https://www.suse.com/security/cve/CVE-2022-37704.html

https://www.suse.com/security/cve/CVE-2022-37705.html

https://bugzilla.suse.com/1208032

https://bugzilla.suse.com/1208033

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: openSUSE-SU-2023:0069-1
Rating: important
Affected Products: openSUSE Backports SLE-15-SP4 .

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.