Rocky Linux: RLSA-2023:1067 pesign security update
Summary
An update is available for pesign. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The pesign packages provide the pesign utility for signing UEFI binaries as well as other associated tools. Security Fix(es): * pesign: Local privilege escalation on pesign systemd service (CVE-2022-3560) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
RPMs
pesign-0:115-6.el9_1.rocky.2.aarch64.rpm
pesign-0:115-6.el9_1.rocky.2.src.rpm
pesign-0:115-6.el9_1.rocky.2.x86_64.rpm
pesign-debuginfo-0:115-6.el9_1.rocky.2.aarch64.rpm
pesign-debuginfo-0:115-6.el9_1.rocky.2.x86_64.rpm
pesign-debugsource-0:115-6.el9_1.rocky.2.aarch64.rpm
pesign-debugsource-0:115-6.el9_1.rocky.2.x86_64.rpm
References
No References
CVEs
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3560
Fixes
https://bugzilla.redhat.com/show_bug.cgi?id=2135420