openSUSE: 2023:0163-1 Important: Keepass Memory Protection Update
opensuse
June 30, 2023
An update that fixes one vulnerability is now available
Description
This update for keepass fixes the following issues:
- Update to 2.54
* Security:
+ Improved process memory protection of secure edit controls
(CVE-2023-32784, boo#1211397).
* New Features:
+ Triggers, global URL overrides, password generator profiles and a
few more settings are now stored in the enforced configuration file.
+ Added dialog 'Enforce Options (All Users)' (menu 'Tools' â
'Advanced Tools' â 'Enforce Options'), which facilitates storing
certain options in the enforced configuration file.
+ In report dialogs, passwords (and other sensitive data) are now
hidden using asterisks by default (if hiding is activated in the
main window); the hiding can be toggled using the new '***' button
in the toolbar.
+ The 'Print' command in most report dialogs now requires the 'Print'
application policy flag, and the master key must be entered if the
...
Read the Full Advisory
Topics Covered
Patch
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
- openSUSE Backports SLE-15-SP5:
zypper in -t patch openSUSE-2023-163=1
Package List
- openSUSE Backports SLE-15-SP5 (noarch):
keepass-2.54-bp155.2.3.1
References
https://www.suse.com/security/cve/CVE-2023-32784.html
https://bugzilla.suse.com/1211397
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Announcement ID: openSUSE-SU-2023:0163-1
Rating: important
Affected Products:
openSUSE Backports SLE-15-SP5
.
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!